Numerous tools have been developed to aid in network management involving capacity planning, fault management, network monitoring, and performance measurement. One example of such tools is the network analyzer.
In general, a “network analyzer” is a program that monitors and analyzes network traffic, detecting bottlenecks and problems. Using this information, a network manager can keep traffic flowing efficiently. A network analyzer may also be used to capture data being transmitted on a network. The term “network analyzer” may further be used to describe a program that analyzes data other than network traffic. For example, a database can be analyzed for certain kinds of duplication. One example of a network analyzer is the SNIFFER® device manufactured by NETWORK ASSOCIATES, INC®.
During use of such network analyzers, users often can monitor network utilization, error rate, application response time, and/or numerous other parameters associated with network traffic and use. To facilitate this analysis, network analyzers often utilize static thresholds for applying to the foregoing parameters to bring a problem to the attention of a user. When, for example, a threshold is surpassed or met, an alert may be generated to prompt user action or further analysis and/or investigation.
Unfortunately, such thresholds are static in that they are applied independent of changes in the network. In other words, the thresholds are set independent of a status or configuration of the network. Thus, when one of the parameters changes in a detrimental manner to prompt an alert based on a threshold, it is assumed that this indicates a problem in a network requiring troubleshooting, etc. Unfortunately, this assumption leads to numerous false alerts. For example, if the threshold is met only due to a component being added, removed, or altered; the user is nevertheless prompted to further analyze or investigate the situation. Resources are thus wasted due to these false alerts.
There is thus a need for techniques of preventing changes in a network from prompting false alerts during network analysis.