Event Flood Control

During an event flood, the first events to arrive typically contain the details you need to identify which of your systems need attention. Subsequent events that are generated during a flood add a lot of extra noise and they can result in processing delays if you exceed your licensed number of events per minute.

Event flood control reduces the number of events that are generated in xMatters when you experience a flood or event storm from one or more of your systems.

How does it work?

This feature compares incoming event requests to recent events and suppresses correlated events that occur in too close succession to one another. When suppression kicks in, xMatters sends you a notification and logs the details of the flood on the Events report so you can track how many events were suppressed and why. These suppressed events aren't queued for processing and don't count against your licensed number of events per minute, which allows events from other sources to flow through xMatters without lengthy processing delays.

Default Rule

As of the Defender release of xMatters On-Demand, a default Event Rate Filter rule applies to all new and existing inbound integrations. The default rule automatically suppresses incoming events from the same integration that target the same recipients when they occur at a rate that exceeds four events per minute.

This default rule is based on our analysis of actual customer event flood data and provides a balance of effective protection against sudden influxes of events, while allowing real traffic to proceed as normal.

The Event Rate Filter rule is designed to allow a reasonable number of events to be created in xMatters to indicate the type of activity that's occurring. This prompts users to view the source system for more information. In all customer cases that we reviewed, a recipient receiving more than four events per minute about an incident is able to gain better situational awareness by going to the source system and evaluating it there.

For more information on how you can edit the default rules, or create your own event flood control rules, see Manage Event Flood Control Settings.

Manage Event Flood Control Settings

The Defender release of xMatters On-Demand introduces a new Event Flood Control page in the web user interface, which allows you to view and manage event flood control rules for each event source.

Required Permissions

To manage event flood control rules for a communication plan or built in integration, you require the following:

  • A role with permission to manage event flood control settings (this includes Company Supervisors, Full Access Users, and REST Web Service Users).
  • Access permissions to the relevant communication plan or built-in integration.