Introduction to Network Alerts: Types, Best Practices, and How NetBeez Helps IT Teams

Introduction to Network Alerts

Network alerts are events that happen when a network monitoring system detects a change in performance or an anomaly. Alerts are important because they signal that a problem with a monitored resource is ongoing or about to happen and requires immediate attention from the IT team.

The ability to receive alerts enables IT teams to proactively detect, troubleshoot, and fix network and application outages. As a result, an alerting system is a key element of network management as it allows an organization to minimize network downtime and monitor its network health.

Network alerts.

How network alerts work

Network alerts are software functions that compare the status and performance of monitored resources against predefined triggering conditions. If the alerting conditions are satisfied, a network monitoring alert is triggered.

Most monitoring tools have a network alert management panel where the administrator can configure how to trigger alerts. Some tools may also support AI-based alerts, where artificial intelligence determines when an alert should be triggered.

Ultimately, it’s important to create alert configurations that don’t generate false alarms, or false positives. False positives cause alert fatigue among IT staff, which can reduce the attention paid to future network alerts. It’s therefore crucial to avoid desensitizing network administrators to the alerting system.

Types of Network Alerts

There are two different types of network alerts: threshold-based and anomaly detection alerts. These two types of network alerts are used for different purposes.

Threshold-based Alerts

Threshold-based alerts compare a periodic measurement against a fixed threshold. When the measurement goes above or below the threshold set, the network alert is triggered. This is the case, for example, when a monitoring system generates alerts when the packet loss of a connection is more than 2%.

Threshold based network alert.

This type of network monitoring alert is simple to understand and configure. The difficult part is selecting a threshold that makes sense and doesn’t generate false positives. For this reason, the network administrator should set alerting thresholds based on network or application requirements.

Anomaly Detection Alerts

Anomaly detection alerts are generated when an unusual or abnormal event is detected by the monitoring and alerting system. What defines an anomaly depends on the methods used to analyze patterns and trends.

The most common method to detect anomalies is to compare a metric with its long-term average. In this context, the long-term average represents the metric’s baseline. The baseline could also be calculated by taking the median of a measurement within a given historical time period.

Other anomaly detection alerts analyze daily, weekly, and other recurring patterns. Take for instance the bandwidth consumption within an office during work hours. Typically this value starts to increase in the first hours of the business day, peaks around the middle, and then flattens towards the end of the day. A monitoring system could generate a network alert if it detects a sudden drop in bandwidth usage caused by a network connectivity issue.
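The two alert types described above, as an added example that is not NetBeez code: a fixed threshold on packet loss, and a baseline check that compares the recent average with a long-term mean or median. The `factor`, `stat` and `direction` parameters, the minimum history length and all sample values are assumptions made for illustration.

```python
from statistics import mean, median

def threshold_alert(value, limit):
    """Threshold-based alert: fires only when the measurement exceeds the limit."""
    return value > limit

def baseline_alert(history, recent, factor=2.0, stat=mean, direction="above"):
    """Baseline alert: compare the recent average with a long-term baseline.

    factor, stat and direction are assumptions of this sketch.
    """
    if len(history) < 10 or not recent:
        return False  # too little data to form a baseline: stay silent
    baseline = stat(history)
    current = mean(recent)
    if direction == "above":
        return current > baseline * factor
    return current < baseline / factor

# Constructed samples (not real measurements).
RTT_HISTORY_MS = [20.0] * 95 + [500.0] * 5   # mostly 20 ms, five old spikes
RTT_RECENT_MS = [58.0, 60.0, 62.0]           # latency has roughly tripled
BW_HISTORY_MBPS = [80.0, 90.0, 100.0, 95.0, 85.0] * 4
BW_RECENT_MBPS = [5.0, 4.0, 6.0]             # sudden drop during work hours

def evaluate():
    return {
        "loss_2.5": threshold_alert(2.5, 2.0),   # above the 2% example threshold
        "loss_2.0": threshold_alert(2.0, 2.0),   # exactly 2% is not "more than 2%"
        "rtt_vs_mean": baseline_alert(RTT_HISTORY_MS, RTT_RECENT_MS, stat=mean),
        "rtt_vs_median": baseline_alert(RTT_HISTORY_MS, RTT_RECENT_MS, stat=median),
        "bw_drop": baseline_alert(BW_HISTORY_MBPS, BW_RECENT_MBPS, direction="below"),
    }

if __name__ == "__main__":
    for name, fired in evaluate().items():
        print(f"{name:14} alert={fired}")
```

The five old spikes pull the mean baseline up to 44 ms, so a tripled round-trip time does not trip the mean-based check, while the median baseline stays at 20 ms and does.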

The Alerting System in NetBeez

NetBeez is a network performance monitoring solution that runs continuous tests against networks and applications. Each test is a network or application check that returns the status (up/down) and performance (e.g. timing or failure rate) of a destination IP, FQDN, or URL. Each test can generate one or more network alerts.

Alerting system in NetBeez

For example, a ping test provides the status of a destination host (reachable or not) as well as the network performance to reach the destination (e.g. round-trip time to the host). When running any test, NetBeez collects its real-time results, and stores them into the database for historical and statistical analysis.

The real-time and historical data is then analyzed on the spot to identify critical issues and trigger alerts. Alerts can then generate incidents, which are systemic performance degradation issues, as well as notifications for alert escalation.

NetBeez Alert Profiles

Like most common network monitoring tools, NetBeez can generate network alerts based on thresholds or anomalies. These two methods, also known as alert profiles, are called watermark alerts and baseline alerts respectively. Together, these two types of network monitoring alerts are called performance alerts.

Critical alerts

In NetBeez, there’s a third type of network alert called up-down, which is considered a critical alert. The goal of the up-down alert is to detect loss of network connectivity, as is the case for ping, or service unavailability, as is the case for HTTP or DNS tests. For this reason, up-down alerts are also called critical alerts.

The Network Alert Management in NetBeez

In NetBeez, the network alert management panel is located in the Anomaly Detection section within the NetBeez settings. This page is where the network administrator configures alerts and incidents and sets alerting thresholds.

Network alerts management in NetBeez

Introduction to Incidents

Incidents are degraded conditions that are determined by aggregating multiple generated network alerts. The aggregation is based on the monitored object. In NetBeez, this can be a network monitoring agent (a monitoring appliance or software client), a target (a monitored application or service), or a Wi-Fi network (SSID).

The incident logic is based on the percentage of tests included within an agent, target, or SSID that generate alerts. This percentage is called incident threshold and determines the triggering condition for the incident itself.

The benefit of incidents is that they aggregate alerts into one single event, the incident, that is more meaningful than receiving multiple network alerts for the same event. The following graphic summarizes the concept.

Alerts, incidents, and notifications in NetBeez.

Agent incidents

Agent incidents signal that degraded network performance is ongoing at a remote site where a NetBeez network agent was installed, or at a remote user’s location where a NetBeez remote worker agent is running. By default, the agent incident threshold is set to 90%, meaning that at least 90% of tests need to trigger an alert.

Target incidents

A target incident is triggered when many agents that are configured to monitor a specific website or SaaS application detect a loss of service, or performance degradation issue. The threshold is set to 80% by default, meaning that at least 80% of the tests running against this target need to trigger an alert for the incident to be opened.

A target incident.

Wi-Fi incidents

A Wi-Fi incident signals that a wireless SSID is having problems which are detected by multiple NetBeez network agents that are testing that wireless network. A Wi-Fi incident could signal a common point of failure that is causing the incident to arise.
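The incident logic described above, as an added example that is not NetBeez code: alerts are grouped by agent and by target, and an incident opens when the share of alerting tests reaches the default thresholds the article states (90% and 80%). The test schema, agent and target names and the three scenarios are constructed; Wi-Fi grouping is left out because the article gives no threshold for it.

```python
from collections import defaultdict

# Default incident thresholds stated in the article, in percent.
DEFAULT_THRESHOLDS = {"agent": 90, "target": 80}

def open_incidents(tests, thresholds=DEFAULT_THRESHOLDS):
    """Return (kind, name, percent_alerting) for every group at or over its threshold.

    tests: list of dicts with keys "agent", "target", "alerting" (hypothetical schema).
    """
    incidents = []
    for kind, limit in thresholds.items():
        total, alerting = defaultdict(int), defaultdict(int)
        for t in tests:
            total[t[kind]] += 1
            alerting[t[kind]] += 1 if t["alerting"] else 0
        for name in sorted(total):
            # Integer comparison avoids float rounding at exactly the threshold.
            if alerting[name] * 100 >= limit * total[name]:
                incidents.append((kind, name, alerting[name] * 100 // total[name]))
    return incidents

def make_tests(agents, targets, failing):
    """Build a constructed test matrix: every agent runs one test per target."""
    return [{"agent": a, "target": t, "alerting": (a, t) in failing}
            for a in agents for t in targets]

AGENTS = ["ber", "lon", "nyc", "par", "sfo"]      # constructed names
TARGETS = ["crm", "dns", "mail"]

SITE_DOWN = make_tests(AGENTS, TARGETS, {("nyc", t) for t in TARGETS})
APP_DOWN = make_tests(AGENTS, TARGETS, {(a, "crm") for a in AGENTS})
APP_PARTIAL = make_tests(AGENTS, TARGETS, {(a, "crm") for a in AGENTS[:3]})

if __name__ == "__main__":
    for label, tests in [("site down", SITE_DOWN), ("app down", APP_DOWN),
                         ("app partial", APP_PARTIAL)]:
        raw = sum(t["alerting"] for t in tests)
        print(f"{label}: {raw} alerts -> incidents {open_incidents(tests)}")
```

A site outage and an application outage each collapse several alerts into one incident of the matching kind, while three of five agents failing on one target stays below the 80% threshold and remains individual alerts.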

Introduction to Notifications

Notifications allow network monitoring tools to inform the IT team that a critical issue happened. NetBeez offers the flexibility to enable notifications for alerts only, for incidents only, or for both. This lets the network administrator skip notifications for non-critical alerts and reduce alert fatigue.

Email based notification options in NetBeez.

Integrating Notifications with Other Monitoring Systems

NetBeez is rarely the only network monitoring solution adopted by an organization. In fact, the average enterprise has different network management systems in place. Integrating these tools is important because it combines their data sources into a complete root cause analysis for faster troubleshooting and repair. For example, an event correlation tool may need to receive network alerts from NetBeez and other systems in parallel. This can be done with integrations.

Standard Protocols

Integrating notifications with other network management, monitoring, and ticketing systems is easy in NetBeez. The system supports the following standard protocols for sending notifications about network alerts:

  • SMTP
  • Syslog
  • SNMP traps
  • Webhooks

Third-Party Integrations

On top of the standard protocols, NetBeez also includes out-of-the-box integrations with third party tools, such as:

  • Messaging applications like Microsoft Teams and Slack
  • Paging and incident handling solutions like PagerDuty and ServiceNow
  • Log analysis tools such as Splunk

Best Practices for Implementing Network Alerts

IT teams involved in alert management need to follow and implement best practices so that they can receive alerts about real issues, and avoid noisy and bogus notifications.

  • Differentiate alerts vs. incidents – Network monitoring alerts are single test failures; incidents capture broader outages across agents, targets, or Wi-Fi networks.
  • Use both critical and performance alerts – Up-down network alerts catch hard failures; performance alerts detect network performance degradation issues.
  • Tune thresholds carefully – When defining alerts, start with loose conditions and tighten over time to reduce false positives.
  • Match test type to alerting need – Use real-time tests (ping, DNS, HTTP) for availability; scheduled tests (speed, iPerf, VoIP) for throughput and quality metrics.
  • Avoid alert fatigue – Only alert on issues you can act on; don’t set overly aggressive triggers in noisy or variable environments.

Conclusion

Effective network alerts are crucial for maintaining the health and security of your network infrastructure. By configuring your alerting system to prioritize alerts and categorize alerts based on severity, you ensure that network administrators are alerted promptly to genuine issues requiring immediate action.

Implementing multiple thresholds and escalation paths allows teams to respond swiftly and provides insights that help mitigate potential issues before they escalate. Automated responses further enhance your ability to focus on critical network issues, especially during off hours, by ensuring alerts are action-oriented and by reducing alert fatigue.

Continuously reviewing alert configurations and notification channels is vital for maintaining control and adapting to evolving network traffic and security challenges. By following these best practices, organizations empower their IT teams to maintain network performance, security, and reliability with confidence.
