Environments

Environments group related incidents together for improved automation and visibility.

Environments filter incidents on properties such as source and priority and group them together for easy visibility and action. Environments make it easy for your team to focus on the incidents relevant to their role and responsibilities. Environments can be used to filter the incident feed, or can be used to create dashboards, set up sharing rules, and simplify incident search.

BigPanda’s default environment is the All Incidents Environment. This environment includes every incident in BigPanda with no filter or limitations.

You can create custom environments to suit your organization’s needs. Define environments based on the areas of responsibility and processes in your organization to streamline your resolution workflow.

The Environments PaneThe Environments Pane

The Environments Pane

Relevant Permissions

Roles with the following permissions are granted varying levels of access to BigPanda Environments:

Environments_Read

Read-only access to all incident actions (ie: assign, snooze, share, comment) in all environments without the ability to change or submit any new incident action

Environments_Incident_Actions

Full access to all incident actions (ie: assign, snooze, share, comment) in all environments without the ability to access or change environment configuration

Environments_Full_Access

Full access to all incident actions (ie: assign, snooze, share, comment) in all environments, including environment configuration

_Read

Granular - Read-only access to all incident actions (ie: assign, snooze, share, comment) in the specified environment(s) without the ability to change or submit any new incident action

_Incident_Actions

Granular - Full access to all incident actions (ie: assign, snooze, share, comment) without the ability to access or change environment configuration in the specified environment(s).

Using Environments

Environments can be used to filter the Incident Feed, define AutoShare rules, create Dashboards, and view specific Analytics.

Filter the Incident Feed

Environments function as global filters for the incidents in the Incidents tab. By default, when navigating to the Incidents tab, the All Incidents environment will be selected.

On the left of the Incident tab is the Environments pane. All available environments are listed, with the current Environment highlighted and expanded.

To change which environment you are viewing, select the desired environment’s name from the list.
The Incident Feed will update to show only incidents that are grouped into that environment.

Each environment is pre-sorted into status folders: Active, Unhandled, Shared, Snoozed, and Resolved. Incidents that fit the environment rules will be automatically placed in their respective status folder(s). When selecting an environment, the Active folder will open first. To move to a different folder, select the folder name from the Environments pane.

📘

Incidents will appear in all relevant folders. An incident that has been shared and snoozed will appear in both folders. Resolving an incident will move it to the Resolved folder and remove it from other folders.

At the top of the Environments pane, a search bar allows you to filter environments. For organizations that have numerous environments, use the filter feature to quickly isolate a particular environment.

To filter the Environments pane, begin typing the environment name into the Filter search bar. Matching results will appear in real-time.

Clearing the filter search bar will revert the list and show all environments.

👍

Each user is able to Star environments, saving them to a Starred group at the top of the Environments pane. Click the Star beside an environment name, or the Star option in the three dots dropdown to save it for easy access.

Starring and Filtering EnvironmentsStarring and Filtering Environments

Starring and Filtering Environments

Environment Groups

Your environments may be clustered together into Environment Groups, or categories. Environment Groups organize your environments by common functions or properties, for example, business services, teams, and infrastructure areas. Environment groups aren’t actionable, but can make it easier to navigate the environment list for organizations that have a large number of environments.

The default General group contains all environments unless they are moved or created under a new group. To avoid duplication, each environment can only be associated with one environment group.

Each user is able to hide the environments that belong to environment groups that aren’t relevant to their work.

To hide the environments of an environment group from view, hover over the environment group's name and click HIDE. The environment group will collapse so that only the name appears.

To expand the group at any time, click SHOW.

To learn more about using the Incident Feed, please see the Viewing the Incident Feed documentation.

Define AutoShare Rules

Environments are the core mechanic in creating incident AutoShare rules. This allows you to automatically create tickets or contact teams when an incident that meets specific requirements comes in or updates. For example, create a rule that creates a ticket for any incoming incidents that would be grouped into a “Dev Impacts” environment.

To learn more about setting up Autoshare rules, please see the Smart Ticketing documentation.

Create Dashboards

BigPanda Dashboards provide easy-to-read operational health metrics in a consolidated view. Ideal for NOC displays and status monitoring, each Dashboard is made up of a series of widgets showing color-coded key information on incident severity and status.

Each widget shows information for a single environment, making it easy to track incident metrics by region, team, or infrastructure types. For example, you might have environments for each business service so that you can track metrics on each separately.

To learn more about using Dashboards, please see the Dashboards documentation.

View Analytics

The analytics feature helps you visualize trends in your monitoring data. You can gain insights into hot spots in your environment and see how BigPanda is correlating alerts into actionable incidents. Each report is built with widgets focused on data from a specific environment. In addition to the default standard reports, you are able to create custom reports to hone in on relevant data for that specific incident group.

To learn more about using BigPanda analytics, please see the Analytics documentation.

Managing Environments

Your BigPanda Environments can be customized to fit the areas of responsibility and processes in your organization. Create, edit, or delete environments to help your teams stay focused on the most relevant information to them, or to fit your autoshare and analytics needs.

Environments are managed from the Environments pane.

For example, you can define custom environments for:

  • An engineering team that is responsible for incidents related to a particular set of applications.
  • Level-1 or NOC operators that work only on high-severity incidents.
  • The emergency contacts of a customer-facing service. Include only critical alerts from the service, and then set up an AutoShare to immediately notify the emergency contacts.
  • Business asset- or region-specific incidents. Use the environment to create Dashboards or Analytics Reporting.
  • Incidents missing key tag or priority enrichment. Review incidents in the environment periodically to find correlation patterns that may be missing in your system setup.

Creating New Environments

You can create new environments to fit any of your workflow and process needs.

To create a new environment:

  1. Navigate to the Incidents tab
  2. At the bottom of the environments pane on the left, select New Environment
  3. In the environment editor, enter your environment information in the relevant fields

Field

Description

Name

The environment name is what appears in the Environments Pane and selection dropdowns within AutoShare and Dashboards. Each environment name must be unique.

The name should be short, specific, and meaningful to everyone at your organization.

The environment name can include spaces and be up to 100 characters long.

Apply to Group (Optional)

Assigns the environment to an environment group. By default, all environments will belong to the General group. Each environment can only belong to one group.

Select Create a New Group to create a new group for the environment.

Full Access Roles (Optional)

Granular role access for the environment. Select the roles that should be able to use all incident actions (assign, snooze, share, comment) within the environment.

If no roles are selected, only users with access to all environments will be able to access the environment.

Read-Only Roles (Optional)

Granular role access for the environment. Select the roles that should have read-only permissions for all incident actions (assign, snooze, share, comment) within the environment.

If no roles are selected, only users with access to all environments will be able to access the environment.

Set environment rules in the box below to limit and define which incidents appear in the environment. As you set rules, the preview pane to the right will show alerts that would be included under the current settings.

Previewing Environment SettingsPreviewing Environment Settings

Previewing Environment Settings

  1. Select a Source from the dropdown to limit incidents by source. Sources are listed with an ALL option, e.g. Nagios (ALL), and by specific instances, e.g. Nagios-US-EAST1. To include incidents by all sources and configure the environment by different criteria, select All Sources.
  2. To the right, check each box to include incidents with that status. Select Warning to include incidents with the Warning status. Select Ack/Maintenance to include incidents with the Acknowledged or Maintenance status. Incidents with Critical alerts are always included. To learn more about incident statuses, please see the Alert/Incident Status documentation.
  3. (Optional) Click the Plus icon to add additional criteria based on incident properties.
  4. (Optional) To add a second source or additional top-level criteria, click Add Another.
  5. When satisfied with the environment settings, click Save Environment.

👍

No need to start every environment from scratch! Duplicate an environment to create a new environment based on its settings. Click the Three Dots to the right of the environment name and select Duplicate. Adjust the settings to fit the new environment requirements and remember to give the environment a unique name.

Environment Criteria

When defining environments, you are able to filter incidents based on their alert properties or tags. You can filter environments by any standard or custom tags.

To add environment criteria in the environment editor:

  1. Click the Plus icon
  2. Select an available tag from the dropdown list. Standard and custom tags are autopopulated from your system. To narrow the options, type the name of the desired tag in the search bar at the top of the dropdown.
  3. Select an operator
  4. Enter the value(s) to filter by. When using the Equals To or Not Equals To operators, enter the value you want to match. When using the In or Not In operators, enter a comma-separated list of the exact values you want to match. Do not use spaces between comma-separated values.

📘

When using the Equals To or Not Equals To operators, you can use an asterisk (*) as a wildcard to match multiple values that contain a common element. For example, entering “db-*.domain.com” finds all values that start with db- and end with domain.com.

You cannot use wildcards with the In List and Not In List operators.

To add additional criteria, repeat the environment criteria steps.

To delete a condition, click the Trash icon beside it.

To add an additional top-level condition or secondary source, click Add Another. To delete a top-level condition or secondary source, click the Trash icon at the top right of the editor box for that source.

When satisfied with the environment settings, click Save Environment.

An incident is included in an environment if at least one of the active alerts meets the filter criteria. For example, if you add a condition that the check value must be cpu, an incident that contains a cpu alert and a memory alert will be included. Similarly, if you configure the environment to include only critical alerts, an incident that contains one active critical alert and several warning alerts will be included. This logic provides you with maximum visibility into any incidents that are potentially related.

Using the Advanced Editor

In addition to the Basic builder UI, BigPanda is able to use BigPanda Query Language (BPQL) to create criteria and conditions for environments.

To use the editor, select Advanced at the top of the environment criteria editor. Enter your BPQL filter in the text box.

The Environments Advanced EditorThe Environments Advanced Editor

The Environments Advanced Editor

Any conditions previously entered in the Basic editor will be translated automatically into BPQL in the Advanced editor Condition field. Adjust the conditions as desired.

Changes made in the Advanced editor cannot be translated back into the Basic editor.

Example Environment Queries:

  • An environment with only Critical Incidents - no incidents with only the acknowledged or warning statuses - from All Systems: source_system = * AND status = critical AND zero_impact != "true"
  • An environment with all incidents that include a ‘CPU overloaded check’ from All Nagios Systems: source_system = /nagios..*/ AND check = "CPU overloaded" AND zero_impact != "true"
  • An environment for all incidents from All Systems that affected a database host: source_system = * AND host = “database” AND zero_impact != "true"

🚧

Reserved Words

Certain words in BigPanda are reserved when using BPQL. When using these words to build environments, the system builds the environment according to the reserved meaning and is not able to treat them as a custom alert tag.

  • zero_impact = if false this means the environment has no incidents with the acknowledged or maintenance status
  • status = the current status of the incident. Possible statuses are: Critical, Warning, Unknown, Ok, or Acknowledged
  • severity = the max status reached by alerts in an incident. Possible statuses are: Critical, Warning, Unknown, Ok, or Acknowledged
  • source_system = the ID of the source system that produced the incident

To learn more about composing using BPQL, please see the BigPanda Query Language (BPQL) documentation.

Editing Environments

Environments can be edited to better fit the needs of your changing organization and processes. Environments are edited from the Environments pane.

To edit an environment:

  1. Hover over a desired Environment's name in the Environments pane
  2. Select the Three Dots icon
  3. Select Edit
  4. Make any desired edits to the environment settings or filters
  5. Click Save Environment to finalize the changes

The environment is updated to show incidents that meet the new settings. If the new settings add incidents to the environment that would trigger an AutoShare, the incidents will be shared.

Deleting Environments

If an environment becomes irrelevant or is clouding your view, they can be deleted at any time. Environments are deleted from the Environments pane.

To delete an environment:

  1. Hover over a desired Environment's name in the Environments pane
  2. Select the Three Dots icon
  3. Select Delete
  4. A confirmation prompt will appear, select Delete Environment to confirm the deletion, or Cancel to return to the Incidents tab.

The environment is permanently deleted from BigPanda.

🚧

As environments are used in AutoShare, Analytics, and Dashboards, it is best practice to ensure that an environment is not being used in any process before deleting it.

BigPanda Environments API

The BigPanda Environments API is able to pull environment details, and can create, update, and delete environments.

Once an environment has been created or edited using the Environments API, the Basic environment builder will no longer be available for that environment.

For more information about the Environments API, please see the Environments API reference page.

Managing Environment Groups

Your BigPanda environment groups can be customized to better fit the organizational structure and processes of your organization. Create, edit, or delete environment groups to help your teams stay focused on the most relevant information to them.

Environment groups are managed from the Environments pane.

Assigning an Environment to an Environment Group

Environments are able to be assigned or reassigned to environment groups at any time. Each environment can only be assigned to a single group at a time.

To assign an environment to an environment group:

  1. Hover over a desired Environment's name in the Environments pane
  2. Select the Three Dots icon
  3. Select Edit
  4. Under the Apply to group dropdown, select the desired group name
  5. Select Save Environment

The environment now appears under the group heading in the left pane and can be hidden or shown with the environment group.

Creating a New Environment Group

A new environment group can be created at any time. New environment groups appear at the bottom of the environments list in the environments pane and cannot be reordered.

To create a new environment group:

  1. At the bottom of the Environments pane on the left, select New Group
  2. Enter a Group Name.
  3. Select Create Group.

The environment group now appears at the bottom of the Environments pane and is available in the Apply to group dropdown when creating or editing environments.

📘

Group Order

In BigPanda, Groups appear on the left panel in the order they were created and cannot be rearranged.

Editing an Environment Group

To edit an environment group:

  1. Hover over a desired environment group's name in the Environments pane.
  2. Select the Three Dots icon.
  3. Select Edit.
  4. Make any desired edits to the environment Group Name.
  5. Click Update Group to finalize the changes.

The environment group will automatically update in the Environments pane and the Apply to group dropdown.

Deleting an Environment Group

Environment groups can be deleted at any time. Deleting an environment group does not delete the associated environments. All environments assigned to the group will be reassigned to the General environment group.

To delete an environment group:

  1. Hover over a desired environment group's name in the Environments pane.
  2. Select the Three Dots icon.
  3. Select Delete.
  4. A confirmation prompt will appear, select Delete Group to confirm the deletion, or Cancel to return to the Incidents tab.

The environment group is permanently deleted from BigPanda.

Defining Environments By Areas Of Responsibility

You can create Environments based on the different responsibilities within your Ops teams. This example demonstrates how to define an Environment for a DBA team that focuses on incidents for production databases and related analytics applications.

Defining The DBA Team Environment

  1. At the top of the screen, click the Incidents tab
  2. At the bottom of the left pane, click New Environment
  3. In Environment Name, enter DBA
  4. In the Source field, select Nagios (ALL)
  5. Click the Plus sign
  6. Select the tag, select the operator, and enter the value as listed in a row of the following table
  7. Repeat Steps 5 – 6 for each row in the table.

Tag

Operator

Value

Host

Equals To

*db.*

Hostgroups

Not Equals To

staging

Check

Not Equals To

keepalive

❗️

These filter conditions are defined for a hypothetical sample environment. You can adapt the conditions as necessary to meet your infrastructure configuration and the needs of your teams.

  1. Click Add Another to open a new source condition box
  2. In the Source field, select New Relic (ALL)
  3. Click the Plus sign beneath the New Relic (ALL) source
  4. Select the tag, select the operator, and enter the value as listed in a row of the following table
  5. Repeat Steps 10 – 11 for each row in the table

Tag

Operator

Value

Application

Equals To

Analytics

Description

Equals To

*ping*

Example DBA Environment SettingsExample DBA Environment Settings

Example DBA Environment Settings

If the Advanced Editor has been enabled, you can also create this environment by navigating to the Advanced editor and entering:

  • (source_system = /nagios../ AND Host = /.db../ AND Hostgroups != "staging" AND check != "keepalive" AND zero_impact != "true") OR (source_system = /new relic../ AND Application = "Analytics" AND Description = /.ping./ AND zero_impact != "true")
  1. Review the Preview pane to ensure that the correct incidents are included
  2. Click Save Environment

The environment now appears at the bottom of the environments list. The environment will update as new relevant incidents come in for your DBA team to review.