Alerts overview
The Alerts overview provides a centralized view of historical and current alerts.
The dashboard supports alert prioritization through timelines, status indicators, and contextual details, with options to filter results and drill down for troubleshooting.
Accessing the Alerts overview page
To access the Alerts overview page:
Select Alerts and Diagnostics from the main menu.
Click on Alerts overview in the navigation panel.

Exploring the Alerts overview dashboard
From the Alerts and Diagnostics > Alerts overview page:
Select a default timeframe from the top-right corner, such as Past 72 hours, to see all Open alerts for the selected time period, regardless of when the alerts were triggered.
To see only alerts triggered within a specific time period, set a custom timeframe.
Hover over the Alerts triggered timeline to identify those periods when the system triggered more alerts.
Check the gauges summarizing triggered alerts with Open status and/or Critical priority, compared to the total number of alerts for the selected timeframe.
Zoom in directly on the timeline to change the chart granularity and update the Alerts table with only the Alerts triggered within that specific time period.
Consult the Alerts table for the selected timeframe.
Apply filters to sort content by tags or alert names.
After selecting an alert from the table:
Use the right-side panel for Alert details.
Use the action menu for additional context and analysis.

Default timeframe options, such as Past 72 hours, show all Open alerts for the selected time period.
Custom timeframes and timeline zoom-ins only show alerts triggered within the specific timeframe.
Zooming in on the timeline for specific triggered alerts
From the Alerts and Diagnostics > Alerts overview page, on the Alerts triggered timeline:
Select a timeframe with at least Past 24h time granularity.
Click and drag over the timeline section of interest to show only alerts triggered within that timeframe.
Use your browser's back button to return to the previous timeframe selection.
When the system performs the time aggregation, occurrences of the same alert are grouped and counted as one, as long as they occurred in the same aggregate time bucket.

Filtering alerts
To filter alerts, you have the following options:
Use the interactive filter dropdowns at the top of the page: Priority, Status, Entity and Tags.
Click on any of the tags in the Alerts table.
Optionally, temporarily filter alerts by searching for the Alert name and/or alert context using the table search input field.
Clear filters all at once, or individually by using each filter dropdown at the top of the page.

Consulting the Alerts table
The Alerts table page allows you to check Closed and currently Open alerts for the selected timeframe. By default, the table shows alerts that were open for at least 1 minute within the selected timeframe.
From the Alerts table on the Alerts and Diagnostics > Alerts overview page, you have the following options:
Sort alerts by clicking on the column headers.
Search for alerts by name, using the search bar in the top-right corner of the table.
Alerts triggered by built-in library monitors for virtual desktops display VDI in their names. Only available for organizations with Nexthink VDI experience.
Consult the alert information displayed in the table:
Priority: See the alert priority. Define the priority on the monitor configuration page.
Current status: See if the alert is open or closed. Closed alerts contain the time when the alert was closed.
Alert: View the name of the monitor that triggered the alert with information about the issue context, if it exists.
In case of binary-related monitors, hover over the binary name for ✦ AI-generated context.
Last trigger: View the last time a monitor triggered the alert.
Impact: View the number of devices impacted since the last time the alert was triggered. This figure is available for device-based monitors and all library monitors.
Refer to the Impacted devices section on this page for more information.
Tags: Add tags on the monitor configuration page and the Alerts management page.
Analyzing Alert details using the right-side panel
From the Alerts table on the Alerts and Diagnostics > Alerts overview page, select an individual row to see Alert details in the right-side panel.
The system displays the following information for all alerts in the right-side panel:
Alert name with context and a description of the main condition to trigger an alert.
Action menu with Investigations drill-downs and Edit monitor button.
Alerts impact analysis (AI-based)

Context-sensitive Alert details depending on the monitor use case
The following use cases exemplify the differences in the information displayed in the Alerts details right-side panel according to the specifics of the alert:
Alerts impact analysis
View the AI-powered analysis on the Alert impact analysis section from the Alerts right-side panel on the Alerts and Diagnostics > Alerts overview page. See the image below.
The analysis considers various factors, such as the context of the alert, the number of affected devices and entities (and/or user sessions, in case of VDI alerts), the details of the alert trigger, and the monitored metrics and thresholds breached.
The Alert impact analysis lets you prioritize issues and take swift action on those that are most critical.

FAQs about AI-powered Alert impact analysis
Action menu for additional alert context
Hover over an alert on the Alerts table and select the action menu or click on the action menu on the alert preview.

Available actions differ depending on the type of monitor:
Open binary profiling: Open the Binary profiling dashboard, which displays details related to the binary for which the alert was triggered. Assess the stability, resource consumption and risk of any unexpected problems specific to that binary configuration.
Refer to the Binary profiling documentation for more information.
View VDI session: open the desktop virtualization sessions overview dashboard to check metrics and per-session trends for all VDI sessions to identify issue patterns.
Only available for organizations with Nexthink VDI experience and, subsequently, monitors defined on VDI events.
Diagnose: Troubleshoot the issue on the Diagnostics page. This option is available for monitors that evaluate the metric across many devices.
Refer to the Diagnostics for alerted issues documentation for more information.
Retrieve all Impacted devices: Open the Investigations page with a list of devices that are associated with a given alert.
Retrieve all Impacted users: Open the Investigations page with a list of users associated with a given alert.
Only available for organizations with Nexthink VDI experience.
Retrieve all Impactful events: Open the Investigations page with query results of events that led to the last alert trigger.
Drill down to Alerts events: Open the Investigations page with a list of alert events triggered within a given context.
Edit monitor: View and edit the configuration of the monitor for an alert.
Understanding Impacted devices by alerts
The alerting service determines which devices are impacted by an alert. The impacted devices column of the Alerts table shows this information. The following monitors have an impact on devices:
Built-in monitor with metric change detection that tracks changes with a baseline
All devices with a monitored metric value above or below the threshold for which the alert was triggered at the time the alert had an open status
Built-in monitor with static threshold detection that triggers an alert when the metric is above or below the custom-defined threshold
Devices with at least one monitored event at the time the alert was open
Built-in global detection monitor
Devices that were using the binary with the configuration identified in the binary insights during the last 7 days
Custom monitor with a static threshold detection that monitors metrics per device
Devices for which the alert was triggered
Custom monitor with a static threshold detection that monitors the number of devices with issues
Devices returned by a monitor query at the time the alert was open
Custom monitor with static threshold detection that monitors the count or sum of an event metric
Devices with at least 1 monitored event at the time the alert was open
Custom monitor with static threshold detection that monitors the ratio or average computation of an event metric.
Devices with a monitored metric value above or below the defined threshold at the time the alert was open
Query impacted devices for metric monitors using the alert.impacts
NQL table. Refer to the NQL data model documentation for more information.
RELATED TOPICS
Last updated
Was this helpful?