SIGNL4

Mobile Alerting and Anywhere Incident Response

SIGNL4
  • Product
    • Feature Overview
    • On-Call Management
    • Mobile Alerting App
    • Why SIGNL4
    • First Steps
    • Security, Data Privacy & GDPR
    • Online Help & FAQ
    • Blog and what’s new
    • System Status
  • Use Cases
    • IT Alerting
    • SIEM & SecOps Alerting
    • IoT Service Alerting
    • Industry 4.0 Maintenance Calls
    • After-Hours Service Desk
    • Field Service Dispatching
    • Emergency Alerting
  • Integrations
  • Pricing
  • Company
    • About
    • Partner Program
    • Podcast
    • Media
    • Contact us
    • Newsletter
  • Free Trial
  • My Account
  • Deutsch

Inspiration

  • Home
  • Inspiration
  • General
  • Three fundamental tips for an effective event filtering in SIGNL4

Three fundamental tips for an effective event filtering in SIGNL4

  • By Matt
  • April 7, 2021
  • General
Three fundamental tips for an effective event filtering in SIGNL4

Event and alert filtering matters because alert fatigue is one of the most crucial issues in alerting and alert management. SIGNL4 implements a lightweight and effective way of filtering events. The overall process is based on alert categories. Alert categories are applied using a keyword search across the entire payload of incoming third-party events. But assigning alert categories, e.g. for alert augmentation, is not filtering.

To enable an effective event filtering, check out these three fundamental tips:

 

1. Enabling the whitelist keyword filter

SIGNL4 can filter incoming events (received by email, webhook or REST API). This is handled through a keyword whitelist filter. The keyword whitelist is comprised from all keywords of all Signl categories.

How does a keyword whitelist work? Once enabled, the whitelist filter will only let 3rd party events pass and be turned into alerts going out to your team, when the content of the event contains at least one of the keywords in your whitelist (i.e. if at least on category matches). An event which payload does not contain any keyword of your list, will be ‘blocked’ and not turned into an alert signl.

To enable keyword whitelisting, switch on the according toggle for each team under: https://account.signl4.com/manage/Category 

Received events which get filtered out and do not raise an alert notification flow, are still visible in the event journal (accessible through https://account.signl4.com/manage/Signls ). They are marked with a “Filtered” status.

 

2. Create a blacklist filter

As described above, there is native whitelist keyword filter built into SIGNL4. But how about a blacklist filter? A blacklist filter will block any incoming 3rd party event if it contains one of your keywords listed in the blacklist.

With a little hack, you can create a keyword blacklist and apply it as a filter the following way:

1. Create an alert category named ‘blacklist’ for your team: https://account.signl4.com/manage/Category

2. In the keyword section of this category, add all your blacklisted keywords and combine it with OR, i.e. choose ‘Any’

mceclip0.png

3. Now, either have all users manually opt-out from this category or if you are on a paid plan with the ‘assignment’ feature, opt out your users via the Assignment tab, so that the ‘no signls’ symbol is shown for all users.

mceclip1.png

4. Check if no user is subscribed to your ‘blacklist’ category, i.e. no user will receive Signls for any incoming event containing any of your blacklist keywords.

mceclip2.png

 

3. Applying keyword search to dedicated event parameters

Keywords are used to find a matching alert category which is then used to enrich an alert with colors, icons, push sounds, maps and so on. Alert categories can also be used to route alert to dedicated staff, to hide alerts or to prevent incoming events from being turned into alerts (keyword whitelist filtering).

By default, SIGNL4 scans the entire event content for matching keywords. It can then apply an ‘AND’ or ‘OR’ logic operator. This approach is little bit broad.

However, it is possible to work more precisely by telling SIGNL4 to match keywords only for named event parameters. Instead of searching the entire event payload for a keyword ‘ABC’ you can restrict the keyword search for a single event parameter, like the subject of an email event using the following syntax when defining a category keyword: ‘subject ABC’.

So, you simply use the parameter name, a space and then the keyword you want to search for. This also works for custom parameters of your payload. So, if you webhook call payload contains a parameter named ‘param1’ you would use the keyword definition syntax ‘param1 ABC’ to only search in param1 for keyword ABC.

This facilitates a much more precise keyword matching and whitelist filtering algorithm. Here is a sample screenshot:

mceclip0.png

 

These three tips make for an effective filtering algorithm. If you need more capabilities, please feel free to contact us and we are happy to consider your feedback in our feature pipeline planning.

Tagged

event filteringevent management

Share

Related Posts

6 Must-Have Features of an Alert Notification Software

February 24, 2023

5 tips for a successful on-call duty

February 17, 2023

Maximizing IT Company Success through Effective On-Call Support

February 6, 2023

Alarm optimization – what SIGNL4 has to offer

December 21, 2022

Why SIGNL4?

SIGNL4® reliably notifies mobile operations teams and provides for a 10x faster response to critical alerts, major incidents and urgent service requests. Read more

 

Most Popular

  • Being a powerful ‘pager app’ SIGNL4 ca...
  • Microsoft Flow – send mobile Alert Notificat...
  • Geofencing Alerts with Automate or Tasker
  • Website Down Alert Notifications AWS CloudWatch Alarms to your mobile phone during...
  • Maintenance Call Machine Breakdown Maintenance Call using the AWS I...
  • Paging App Android settings for making SIGNL4 an even better...
  • Code Webhook CSharp C# C# code for the SIGNL4 webhook
  • Setting up the AWS IoT Button – and SIGNL4

FOLLOW US

  • Twitter
  • LinkedIn
  • Facebook
  • Vimeo

CATEGORIES

  • Communication (11)
  • Customer References (1)
  • Developer (11)
  • DevOps (12)
  • General (108)
  • Healthcare (1)
  • Integrations (24)
  • ITOM & ITSM (21)
  • Manufacturing (8)
  • OT & IoT (21)
  • Security (5)
  • Updates (32)

Tags

alert alerting alert management alerts Android Application Insights Automate AWS IoT Button Azure B2B software Call Routing do not disturb Duty Scheduling emergency escalation Field Services geofencing handover Hotline ifttt Industrie 4.0 IoT IT Alerts IT Operations ITSM location Manufacturing Monitoring mute override on-call duty On-call Scheduling oncall duty Pager paging app press release SaaS splunk Tasker temperature voice voice recognition weather webhook Website zapier

ABOUT US

Derdack® is a long-standing innovator for enterprise-class mobile alerting and alert management solutions. Our global customer list includes The Boeing Company, Daimler, BMW, Porsche and many other leading brands. With SIGNL4® we have reinvented mobile alerting and alert management for operations teams in IT, IoT, Industry 4.0 and other areas where swift response to critical events matters.

SIGNL US

Phone +1 (202) 4 700 885
Intl +49 331 29878-20
CH +41 31 539 19 90
Email info (at ) signl4.com
Feedback online
Newsletter Sign-up


User Love Us

© 2023 - Derdack SIGNL4

  • Twitter
  • LinkedIn
  • Vimeo
  • GitHub
  • Feedback
  • About
  • Terms of Use
  • Privacy Policy (Website)
  • Cookie Policy (EU)
  • Product
    • Feature Overview
    • On-Call Management
    • Mobile Alerting App
    • Why SIGNL4
    • First Steps
    • Security, Data Privacy & GDPR
    • Online Help & FAQ
    • Blog and what’s new
    • System Status
  • Use Cases
    • IT Alerting
    • SIEM & SecOps Alerting
    • IoT Service Alerting
    • Industry 4.0 Maintenance Calls
    • After-Hours Service Desk
    • Field Service Dispatching
    • Emergency Alerting
  • Integrations
  • Pricing
  • Company
    • About
    • Partner Program
    • Podcast
    • Media
    • Contact us
    • Newsletter
  • Free Trial
  • My Account
  • Deutsch
Manage Cookie Consent
We use cookies to optimize our website and our service.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage vendors Read more about these purposes
View preferences
{title} {title} {title}