Alert Policy Templates

Kentik’s policy templates are covered in the following topics:

• About Alert Policy Templates
• Alert Policy Templates Page
• Clone a Policy Template

Notes:
- For general information about policy-based alerting, see Policy Alerts Overview.
- For information on the v4 portal's Alerting page, see Alerting.
- For information on alert-related notifications, see Notifications.
- For information on mitigation for alerts, see Mitigation Overview.

Kentik's alerting system includes a set of templates for the alert policies that notify you about traffic anomalies and enable you to respond with mitigation (manual or automated). These templates are listed on the Alert Policy Templates page. You can't add templates to this list or modify the existing templates in any way, but you can clone any listed template to add it to the policies on your Alert Policies page. The template remains unchanged, but the resulting template-based policy is fully editable, enabling you to tailor it to the specific needs of your organization.

The Alert Policy Templates page, which lists a set of Kentik-provided policy templates that cover common network traffic anomalies, is covered in the following topics:

• Policy Templates Access
• Policy Templates Page UI
• Policy Templates List
• Policy Templates Filters
• Template Details Drawer

Note: Only Administrators can access and use this page.

To reach the Alert Policy Templates page:

1. From the portal's navbar menu, choose Alerting, which takes you to the Alerting page.
2. At the upper right of the page, click the Manage Policies button to go to the Policies page.
3. At the upper right of the page, click the Alert Policy Templates button to go to the Alert Policy Templates page.

The Alert Policy Templates page is made up of the following UI elements:

• Subnav: The subnav contains breadcrumbs for the page.
• Show/hide filters (filter icon): A button that toggles the Filters pane between expanded and collapsed.
• Search field: A field that you can use to narrow the policies shown in the Policy Templates List. If text is entered, the list will show only policies that match the text in at least one column (ID or Name). The field will also display any filters applied with the Filters pane.
• Filters pane: A set of filters that you can use to narrow the alert policies shown in the Policy Templates List. See Policy Templates Filters.
• Policy templates list: A table listing the available policy templates (see Policy Templates List).

The Policy Templates list is a table that lists all Kentik-provided policy templates. The table includes the following columns:

• ID: The template's unique ID.
• Type: The type of template (NMS, Traffic, Cloud, or Protect; see Policy Types).
• Name: The name and description of the template. Once you've cloned the template you can change both the name and the description of the resulting policy.
• Metrics: The units (e.g. bits/s, packets/s, flows/s, etc.) by which the template measures incoming flow data (see Data Funneling). The primary metric is listed first, followed by secondary metrics (if any).
• Dimensions: The dimensions defined in the template, which combine to make a key definition that will determine how traffic is grouped for evaluation (see About Keys). Dimensions, which are based on fields in the KDE main table, are described in Dimensions Reference.
• Create: This button clones the template and opens the resulting policy for editing (see Clone a Policy Template). When the policy is saved it will appear in the Policies List on the Alert Policies page. The original template remains unchanged.

Note: To see further details about an individual template, click the template’s row to open a Template Details Drawer from the right side of the page. Click the template’s row again to close the drawer.

The templates displayed in the Policy Templates List can be filtered using the controls in the Filters pane on the left. The pane includes the following elements:

• Reset To Default (appears only when a filter is specified): Click to clear all current filters.
• Type: The types of policies (NMS, Traffic, Cloud, or Protect; see Policy Types) for which templates will be displayed in the list.
• Template ID: A field with which you can search for a specific template ID number.
  Notes:
  - This field matches only on a complete template ID.
  - A template ID is not the same as the policy ID that will be assigned to a policy cloned from the template.

The Details drawer for a given policy template slides out from the right of the page when you click its row in the Policy Templates List. The drawer displays the following information:

• ID: The template's unique ID.
• Name: The Kentik-provided name of the template.
• Create: A button that creates a new policy from the policy template. See Clone a Policy Template.
• Description: The Kentik-provided description of the policy template, if any.
• Dataset: An expandable/collapsible summary of the settings that determine which traffic will be evaluated by a policy made from this template. Once a policy is created its dataset can be modified on the policy's Dataset tab (see Policy Dataset Settings).
• Thresholds: An expandable/collapsible summary of the settings for the thresholds in policies made from this template on the policy’s Thresholds tab. The number in parentheses is the number of thresholds defined in the template. Once a policy is created its thresholds can be modified on the policy's Thresholds tab (see Policy Threshold Settings).
• Baseline: An expandable/collapsible summary of baseline settings defined in the template. Once a policy is created its baseline can be modified on the policy's Baseline tab (see Policy Baseline Settings).

The Details drawer provides a summary of the template’s settings. When you clone the template into a policy you will be able to change policy settings and see what policy settings need to be completed, but the details of the template itself will remain unchanged.

To create a new policy from a template on the Alert Policy Templates page:

1. In the Templates list, click on the Create button at the right of the row of the policy that you'd like to clone (alternatively, you can click the Create button in the template's Template Details Drawer).
2. On the Add Policy page, modify the policy as needed. See Policy Settings.
3. Use the indicators in the Policy Summary Pane to confirm that all needed information has been added and any errors have been resolved.
4. Click Save. The new policy will now appear in your Policies List.

Note: You can also create a policy from a template directly on the Policies page by clicking the down-arrow at the right of the Add Policy button and selecting Add Alert Policy from Template (see Add Policy from Template).