You can add a threshold configuration and gets alerts for the configured threshold.

To configure the analytics-associated thresholds and alerts:


  1. On the Home page, in the left navigation pane, click Analytics > Thresholds > Add.
    Threshold - Add configuration page opens.
  2. In the Name text box, enter a unique name for the configuration.
  3. From the Scope drop-down menu, select a scope, and in the Select criteria text box, enter a criteria.
    The Scope drop-down consists of the Virtual Machines, Flows, Application, SD-WAN Link, SD-WAN Edge, and SD-WAN Edge Application entities. The scope is based on the search query system. You can create a query from the available suggestions as per your requirements.
  4. In the Condition section, set a condition to create an alert.
    Based on the condition you set, the system decides if the threshold is violated.
  5. The default metric is network traffic rate. Select the grouping of the entity and the value for which you are checking the threshold. You can set a threshold on a cumulative metric by aggregating the data over a group of entities.
    1. To configure the static threshold, select either of the following threshold conditions from the list:
      • exceeds threshold
      • drops below
      • is outside range
      When you enter the Upper Bound or the Lower Bound (if there is range) for network traffic rate or total traffic or any other metric, ensure that you enter the value in the specified metrics for that particular text box. The following conversion values are for your reference:
      • 1 Kbps= 1000 bps
      • 1 Mbps= 1000 kbps
      • 1 Gbps = 1000 mbps
      • 1 KB=1024 B
      • 1 MB=1024 KB
      • 1 GB = 1024 MB
    2. To configure the dynamic threshold, select deviates from the past behavior. Select the sensitivity based on your requirement of reporting.
      When you set the threshold, you can view the associated graph at the top of the page. The pink bar denotes the VMs or the flows violating the threshold. You can view the list of the entities that have violated thresholds and the entities that are within the thresholds in the system.
  6. From the Minimum Violation Duration drop-down menu, select a time duration.
    If you select Minimum Violation Duration, you get alerts if the violation last longer than the selected time duration.

    For example, If you set Minimum Violation Duration for 15 minutes, you get alerts only if the violations stays active for more the 15 minutes.

  7. Configure the notifications or alerts by setting the following properties:
    • Severity
    • Email frequency
    • Send notification emails to:
    Note: Select Send SNMP Trap if you have configured SNMP traps on your system.
  8. Click Submit to create the threshold configuration.