Today, we're excited to announce an exciting update to Kentik's Alerting threshold condition capabilities. We've improved our threshold conditions to make them easier to configure and more powerful than ever. For those unfamiliar, kentik's threshold conditions allow users to set thresholds including baselines, to alert them when key performance metrics exceed or fall below-specified values. We have made it easier to configure these thresholds when using baselines, by providing a simple "Above or Below" drop-down, versus in the past, to configure a policy to trigger at 20% below the baseline, we had to set the rule to 125% above the baseline, as this is what the API was expecting. This was confusing and hard to understand for the user.

You know can simply select a % above or below the baseline. This should provide a much easier-to-understand experience for users creating alert policies with baselines.

Kentik has released a new Alerts reporting feature that lets you choose the type of Alerts (including DDoS) that you are interested in, along with the retention period (up to 90 days) and then either export this data or choose to schedule and subscribe to this report. 

This is version 1 of reporting for Alerts. This feature was suggested by our customers and provides initial reporting functionality around alerts. We plan to enhance this in future releases with more types of data, visualizations and analytics.

Example: I want to create a report of all my DDoS alerts (attacks) grouped by policies for the last 30 days.

Start by using the filter to apply the alert types, the retention period, summarization, grouping, etc. This is the main configuration of the report. Whatever you see here in the view is how the report will be created and viewed.

Then under the "Actions" drop-down in the upper right corner of the portal UI, you can choose to export this data directly or choose to set up a subscription to create a new report, say Monthly, and deliver it by email.

Fill out all of the desired subscription information and click "Subscribe"

We are happy to announce a new Health Map by Site Alerts Widget that can be configured and viewed from within the Kentik Observation Deck Dashboard. This is the first of many new widgets planned to be developed to give the Enterprise a tailored view of your networks and Infrastructure  

This new widget supports customers needing a type of NOC (Network Operations Center) view and status (Health) of their current locations based on Kentik Alerts. The User can then react quickly and take action on their most critical alerts.

Clicking on a site either in the map or the table will drill down into that specific location and display all the current alerts based on the filter settings. 

To see a brief setup video click on the link below and follow the guide in the video.

Customers can now apply a single notification channel to one or more alert policies.

From the Alert Policies page, select the policies that you would like to use, and click on the "Add Notifications" button:

Then select your existing or create a new notification channel and select "Continue"

The selected policies will now use the selected Notification Channel 

You can now schedule Silent Mode for alerts with a start and stop time for a policy or a pattern creation. This new feature will allow customers to silence alerts during maintenance windows automatically, for example.

Users can now:

• Export their Alert data in .csv format
• Configure whether to put all available columns in their export or only those that they have configured to show in the admin table (integration is seamless)
• Configure whether to export only the amount of data that they have currently loaded in the ui OR to export a fixed number of rows (up to the first 2000 rows)

Screenshots

We have Improved search bar results for Alerting by adding duration and tenant, as well as dimensions and metrics. In the screenshot below, searching for 209 brings up the ASN# with 209 under the dimensions column.

Overview

Now under the Mitigations Page, we show Archived Mitigations as part of the status filter behavior.

Previous behavior

• The initial load of the mitigations table excludes "Archived" mitigations (all statuses but archived are checked)
• In the filter sidebar, clicking "Clear all" did not clear the status selections.
• Even if you manually unselected all status filters, we still excluded Archived mitigations in UI. The only way to include "Archived" mitigations was to manually select the filter

Current Behavior:

• The initial load of the mitigations table still excludes Archived mitigations ("Active", "Failed", and "Waiting" are selected by default)
• But clicking "clear all" actually deselects all status selections for you.
• Having all statuses deselected now has the same behavior as having all statuses selected: Archived mitigations are now included in the result set.

We added this feature to allow manual mitigations to be added to each tenant by the landlord. This allows each tenant to use manual mitigations.

Capabilities:

• Allow landlords to assign manual mitigation to a tenant
• Allow the landlord to view and filter mitigations by the tenant
• Add read-only mitigation view for tenant's mitigations
• Allow landlords to add mitigations to tenant policies config (exclude this from package config)

Mitigation Table Tenant Filtering Behavior:

• When mitigations load, tenant mitigations are hidden by default
• Clicking "Show Tenant Mitigations" includes tenant results in landlord results
• When tenant mitigations are enabled, "Group by Tenant" and the "Tenant" table column become available
• Filtering by tenant(s) will return OR of tenant results for corresponding IDs
• Disabling Tenant results clears selected tenants

Creating Manual Mitigation

New Manual Mitigation Below

Assigning a Tenant

Landlord: Filtering Tenant Mitigations

Showing tenant mitigations, grouped by the tenant

Tenant mitigations, filtered to "Test Tenant A"

Tenant: Landing Page:

Users will not be able to edit the Methods and Platforms sections if associated active mitigations are using them. This will prevent users from disrupting any active mitigations that are in use. Edit capability returns when mitigations are not active.

Pages Impacted

• Mitigations (Protect & Settings)