RMM Alerts: Best Practices for MSPs

Table of Contents

    Remote monitoring and management (RMM) platforms are the cornerstone of a profitable MSP business. Properly implemented, RMM alerts help MSPs to proactively detect and resolve problems before a client notices.

    However, as any technician who has an inbox full of alerts they’ll do nothing with can tell you, it’s easy to get RMM alerting wrong and have alert fatigue cause critical issues to slip through the cracks.

    In this article, we’ll explore RMM alerts in depth including what they are, why they matter, and how you can use them to supercharge your team.

    What are RMM alerts?

    RMM alerts are notifications that identify a potential issue with a managed asset and can trigger automatic responses such as emails, SMS messages, webhooks, ticket creation, and script execution. 

    While the implementation details will vary between different remote management platforms, the basic RMM alert workflow is:

    1. IT assets (e.g., workstations, servers, firewalls, UPS battery backups, printers, etc.)  are discovered and added to an RMM platform by installing an agent.
    2. Alert thresholds and conditions are automatically or manually created, as well as corresponding automated actions.
    3. The RMM platform monitors the assets using an RMM agent or remote management protocol like SNMP or WMI.
    4. When the conditions for an alert are met (e.g., a service crashes or CPU exceeds X% for Y amount of time), the RMM triggers an alert and typically places the asset in an “alarm” or “warning” condition.
    5. Automated actions such as notifications, ticket creation, or script execution occur based on RMM configuration.
    6. Once the triggering conditions are cleared, the alert is considered closed, and the asset’s “alarm” or “warning” condition is cleared.

    Why are RMM alerts essential for MSPs?

    Break/fix is a fundamental aspect of life as an MSP, and RMM alerts can tell you when something is broken before your clients do. Many of the benefits of RMMs, such as enhanced security and IT automation, depend on quality RMM alerting.

    Additionally, zooming out and identifying trends in RMM alerts can help you make strategic decisions about your business. For example, if a specific printer or firewall model creates a disproportionate amount of alerts, you may want to recommend different solutions to your clients.

    How to manage RMM alerts

    Now that we know what RMM alerts are, let’s dig into the tactics that can help you implement them efficiently.

    Define alert triggers

    Alert triggers are the starting point for all your RMM alerts. Triggers are based on asset metrics or conditions and define the thresholds at which an alert will fire. Common examples of alert triggers include:

    • Resource utilization exceeding or dropping below a threshold (e.g., > 95% disk utilization on a server)
    • A service crashing
    • Temperature exceeding a limit

    The tricky part about RMM alerts is knowing when to trigger an alert. For example, a CPU utilization exceeding 99% might be a problem if it remains above 99% for a meaningful amount of time. To strike the right balance, MSPs should fine-tune their alert conditions to add context such as the amount of time a condition must persist to trigger an alert.

    Disable unnecessary alerts

    Alert fatigue is one of the biggest problems in IT. In a world where technicians are flooded with “critical” alerts, no alerts are truly critical.

    Once a team reaches that point, it is easy for a helpdesk to fall into a negative feedback loop. Unnecessary escalations become the norm and users try to bypass MSP ticketing processes to get attention on their issues.

    Good alerting hygiene is the key to preventing this problem from slowing down your MSP business. Default alerts may be a good starting point, but they’re rarely ideal for the specific context of any given MSP, their clients, and assets under management.

    Simply put, if no action is required, an event should be a log entry at most, not an alert. Use this principle to audit and optimize your RMM alerts.

    Customize notifications

    The solution to the alert fatigue problem often boils down to:

    do NOT send notifications to a human if there is nothing for them to do. 

    If you are dealing with alert fatigue, the best starting point is to audit the notifications you’re sending today and suppress or delete alerts your team has trained themselves to ignore. But, don’t stop there.

    Spamming multiple individuals and using the wrong channels can be just as bad as alerting on non-actionable conditions. Make sure you send your notifications via the right channels (e.g., email, Slack, SMS) and to the right groups.

    Automate quick fixes

    Automation and MSP efficiency go hand-in-hand. You can’t scale your business if you have to do everything manually. Automated alert remediation allows you to fix alerts while you sleep.

    If you already have well-defined, repeatable runbooks for common issues, take the next step and tie your RMM alerts to those solutions and enable your technicians to focus on more complex challenges.

    Track and analyze outcomes

    Continuous improvement is critical for optimizing your MSP operations. As your team, clients, and assets under management evolve, so will your alerting needs. Use your ticketing system and RMM reporting to analyze what is and isn’t working, and fine tune your alerts over time.

    How to streamline remote monitoring

    Optimizing your remote monitoring and RMM alerts can save you time and money. The three RMM alerting best practices below will help you efficiently scale your implementation with Syncro.

    Bulk-assign policies

    Syncro allows MSPs to bulk assign policies to multiple IT assets. (Image Source)

    Policies are collections of monitoring rules and configurations that can be applied in bulk to IT assets. For example, a policy may define a set of resource utilization thresholds and script execution rules relevant to all the Windows 2022 Servers in your RMM inventory. Instead of manually assigning the policies to each asset, you can bulk assign the policies and use policy inheritance to cascade the policy to all the assets in a set of folders and subfolders.

    Choose pre-built conditions and actions

    Pre-built condition and action categories make building RMM automations simple. (Image Source)

    The Syncro platform has a library of pre-built condition categories and actions MSPs can use to build automated remediations for their RMM alerts. Examples of condition categories include Alert Body, Asset Name, Automation Has Never Run, Customer, Rate Limit, Trigger Category, and more. You can use these categories to build context-driven rules that help ensure your automations run under specific, predictable conditions.

    Similarly, pre-built actions such as Convert to Ticket, Clear Alert, Post to Slack, Run Script, and Email Technician allow you to quickly and efficiently complete the business logic for a remediation.

    Enhance customization with ready-made scripts

    The Syncro platform supports a library of ready-made scripts. (Image Source)

    The ability to incorporate a script allows you to customize automated remediations to meet specific use cases. While support for custom scripts is great, and PowerShell scripting is a superpower all MSPs should have, it’s even better when you don’t have to write the scripts yourself.

    Syncro has a large library of scripts to help you get started. In some cases, you may even gain inspiration from the library for new remediations you can add to your list of automations.

    Boost efficiency with Syncro’s RMM alerting

    Syncro’s automated remediation capabilities empower MSPs to respond to alert conditions automatically. (Image Source)

    Syncro is an all-in-one integrated MSP platform that empowers MSPs to configure, customize, and scale their RMM alerts to help them run a more profitable business. With robust RMM and PSA capabilities, Syncro provides MSPs with the tools they need to take their business to the next level with granular alerts and automated remediation.

    To try Syncro and see exactly what it can do for your business, sign up for a free product demo today!

    Stay in the know with our Newsletter

    Receive info on how to grow your MSP right in your inbox

    Artificial Intelligence for IT: Insights, Benefits, & the Future of IT Service Delivery

    Download Now