How Alchemy Network Monitor Detects and Troubleshoots Network Issues

Active probing: Sends synthetic transactions and pings to measure latency, packet loss, and availability.
Passive monitoring: Collects telemetry from network devices and traffic flows (SNMP, NetFlow/sFlow/IPFIX) to observe real traffic patterns.
Agent-based metrics: Lightweight agents on hosts gather OS/network counters, process and service health, and forward metrics.
Log and event ingestion: Parses syslogs, firewall logs, and device events to surface error patterns and configuration changes.
Protocol-aware inspection: Understands application protocols (HTTP, DNS, TCP) to detect application-layer failures and degradations.

Anomaly detection: Uses baselines and thresholds to flag deviations (spikes in latency, drops in throughput).
Event correlation: Groups related alerts (e.g., link down → routing flaps → service outage) to reduce noise and show causal chains.
Topology-aware context: Maps devices, links, and services so alerts include affected paths and upstream/downstream dependencies.
Root-cause inference: Suggests likely causes by combining telemetry, recent config changes, and historical incidents.

Interactive tracing: Path traces and hop-by-hop latency diagrams to pinpoint where latency or packet loss occurs.
Packet capture & flow drilldown: On-demand packet capture and flow summaries for deep inspection of problematic traffic.
Command playbooks: Prebuilt diagnostic steps (ping, traceroute, config checks) and automated runbooks to reproduce and fix issues.
Time-series analysis: Correlates metrics across hosts and devices with zoomable graphs to identify when and how problems began.
Alerting and escalation: Configurable alerts (severity, suppression, deduplication) and integrated notifications (email, Slack, PagerDuty).

Auto-remediation: Conditional automation (restart service, reroute traffic) for common, low-risk problems.
Capacity planning: Predictive trends and utilization forecasts to prevent congestion-related incidents.
Configuration drift detection: Alerts on unexpected config changes that could lead to outages.
SLA monitoring: Tracks service-level metrics and generates reports to enforce SLAs and identify chronic issues.

Identify correlated alerts and affected services via the topology map.
Run an interactive trace to find the problematic segment.
Inspect recent logs/config changes and time-series graphs for the same timeframe.
Capture packets or flow records on the suspect link for protocol-level analysis.
Apply an automated remediation or follow the runbook; escalate if unresolved.
Post-incident: record root cause, roll back faulty configs, and update alerts/playbooks.

If you want, I can create a one-page runbook tailored to a specific network topology or write example alert rules for typical failures.

Comments