Handling spikes or evaluate policies depending on time.
Just wondering what would be the best way to approach monitoring of network traffic with regular spikes. The spikes are expected and of no interest to monitoring operators, so I'd like to suppress events generated by them. Usually traffic jumps when servers are backed-up at specific times every day. We use threshold policies from standard system information monitoring. I couldn't find an answer looking at either downtimes or correlations. Any ideas other than modifing the policies?
Can you eleborate further? I don't see any relevant option in SBEC (Repetition, Missing recurrence, Combination). Event suppression works on top of filters that only provide less than/greater then conditions for absolute time.