Policy Templates

Kentik’s policy templates are covered in the following topics:

- For general information about policy-based alerting, see Policy Alert Overview.
- For information on the v4 portal's Alerting page, see Alerting.
- For information on alert-related notifications, see Notifications.
- For information on mitigation for alerts, see Mitigation Overview.

Kentik-provided templates can be cloned and tailored to your organization's alerting needs.

About Policy Templates

Kentik's alerting system includes a set of templates for the alert policies that notify you about traffic anomalies and enable you to respond with mitigation (manual or automated). These templates are listed on the Policy Templates page. You can't add templates to this list or modify the existing templates in any way, but you can clone any listed template to add it to the policies on your Alert Policies page. The template remains unchanged, but the resulting template-based policy is fully editable, enabling you to tailor it to the specific needs of your organization.


Policy Templates Page

The Policy Templates page, which lists a set of Kentik-provided policy templates that cover common network traffic anomalies, is covered in the following topics:

Note: Only Administrators can access and use this page.

top  |  section

Policy Templates Access

To reach the Policy Templates page:

  1. From the portal's navbar menu, choose Alerting, which takes you to the Alerting page.
  2. At the upper right of the page, click the Configure Alert Policies button to go to the Policies page.
  3. At the upper right of the page, click the Policy Templates button to go to the Policy Templates page.
top  |  section

Policy Templates Page UI

The Policy Templates page is made up of the following UI elements:

  • Show/hide filters (filter icon): A button that toggles the Filters pane between expanded and collapsed.
  • Search field: A field that you can use to narrow the policies shown in the Policy Templates List. If text is entered, the list will show only policies that match the text in at least one column (ID, Name or Description). The field will also display any filters applied with the Filters pane.
  • Filters pane: A set of filters that you can use to narrow the alert policies shown in the Policy Templates List. See Policy Template Filters.
  • Policy templates list: A table listing the available policy templates (see Policy Templates List).
top  |  section

Policy Templates List

The Policy Templates list is a table that lists all Kentik-provided policy templates. The table includes the following columns:

  • ID: The template's unique ID.
  • Type: The type of template, either Custom or DDoS (see Policy Types).
  • Name: The name and description of the template. Once you've cloned the template you can change both the name and the description of the resulting policy.
  • Metrics: The units (e.g. bits/s, packets/s, flows/s, etc.) by which the template measures incoming flow data (see Data Funneling). The primary metric is listed first, followed by secondary metrics (if any).
  • Dimensions: The dimensions defined in the template, which combine to make a key definition that will determine how traffic is grouped for evaluation (see About Keys). Dimensions, which are based on fields in the KDE main table, are described in Dimensions Reference.
  • Create: This button clones the template and opens the resulting policy for editing (see Clone a Policy Template). When the policy is saved it will appear in the Policies List on the Alert Policies page. The original template remains unchanged.

Note: To see further details about an individual template, click the template’s row to open a Template Details Drawer from the right side of the page.

top  |  section

Policy Template Filters

The templates displayed in the Policy Templates List can be filtered using the controls in the Filters pane on the left. The pane includes the following elements:

  • Clear all (appears only when a filter is specified): Click to clear all current filters.
  • Type: The types of policies (Custom and/or DDoS; see Policy Types) for which templates will be displayed in the list.
  • Template ID: A field with which you can search for a specific template ID number.
    - This field matches only on a complete template ID.
    - A template ID is not the same as the policy ID that will be assigned to a policy cloned from the template.
top  |  section

Template Details Drawer

The Details drawer for a given policy template slides out from the right of the page when you click its row in the Policy Templates List. The drawer displays the following information:

  • ID: The template's unique ID.
  • Name: The Kentik-provided name of the template.
  • Clone: A button that creates a new policy from the policy template. See Clone a Policy Template.
  • Description: The Kentik-provided description of the policy template.
  • Dataset: An expandable/collapsible summary of the settings that determine which traffic will be evaluated by a policy made from this template. Once a policy is created its dataset can be modified on the policy's Dataset tab (see Policy Dataset Settings).
  • Thresholds: An expandable/collapsible summary of the settings for the thresholds in policies made from this template on the policy’s Thresholds tab. The number in parentheses is the number of thresholds defined in the template. Once a policy is created its thresholds can be modified on the policy's Thresholds tab (see Policy Threshold Settings).
  • Baseline: An expandable/collapsible summary of baseline settings defined in the template. Once a policy is created its baseline can be modified on the policy's Baseline tab (see Policy Baseline Settings).

The Details drawer provides a summary of the template’s settings. When you clone the template into a policy you will be able to change policy settings and see what policy settings need to be completed, but the details of the template itself will remain unchanged.


Clone a Policy Template

To make a policy from a template on the Policy Templates page:

  1. In the Templates list, click on the Clone button at the right of the row of the policy that you'd like to clone (alternatively, you can click the Clone button in the template's Template Details Drawer).
  2. On the Add Policy page, modify the policy as needed. See Policy Settings.
  3. Use the indicators in the Policy Summary Pane to confirm that all needed information has been added and any errors have been resolved.
  4. Click Save. The new policy will now appear in your Policies List.

Note: You can also create a policy from a template directly on the Policies page using theAdd Policy from Template dialog.

© 2014- Kentik
In this article: