Stats
Actions
Tags
Help us improve
Share bugs, ideas, or general feedback.
From superops-ai
Manages SuperOps.ai RMM alerts by listing, filtering, acknowledging, and resolving them from monitored assets. Covers alert types, severity levels, statuses, and automated workflows for MSP technicians.
npx claudepluginhub wyre-technology/msp-claude-plugins --plugin superopsHow this skill is triggered — by the user, by Claude, or both
Slash command
/superops-ai:alertsThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
SuperOps.ai RMM generates alerts when monitored conditions are triggered on managed assets. Alerts can indicate hardware issues, software problems, security events, or custom monitoring conditions. This skill covers alert listing, filtering, acknowledgment, resolution, and automated workflows.
Manages ConnectWise Automate alerts: lists active alerts, acknowledges them, views history, creates tickets. Covers sources (monitors, scripts, events), severity levels, lifecycle, status, and ticket integration.
Manages Atera alerts by viewing, acknowledging, resolving, and converting to tickets from monitored devices. Covers types, severity levels, sources for MSP monitoring.
Manages Datto RMM monitoring alerts: viewing, resolving, priorities, and 25+ context types including antivirus_ctx, eventlog_ctx, perf_disk_usage_ctx, ransomware_ctx.
Share bugs, ideas, or general feedback.
SuperOps.ai RMM generates alerts when monitored conditions are triggered on managed assets. Alerts can indicate hardware issues, software problems, security events, or custom monitoring conditions. This skill covers alert listing, filtering, acknowledgment, resolution, and automated workflows.
| Severity | Description | Typical Response |
|---|---|---|
| Critical | Immediate attention required | Respond within 15 minutes |
| High | Significant issue | Respond within 1 hour |
| Medium | Moderate concern | Respond within 4 hours |
| Low | Informational | Review during business hours |
| Status | Description |
|---|---|
| Active | Alert triggered and unaddressed |
| Acknowledged | Alert seen, being worked |
| Resolved | Issue fixed, alert closed |
| Auto-Resolved | Condition cleared automatically |
| Type | Description | Examples |
|---|---|---|
| Hardware | Physical component issues | Disk failure, high temperature |
| Performance | Resource utilization | High CPU, low memory, disk space |
| Security | Security events | Failed logins, malware detected |
| Service | Service state changes | Service stopped, process crashed |
| Patch | Update related | Critical patch pending |
| Connectivity | Network issues | Agent offline, connectivity lost |
| Custom | User-defined monitors | Custom script conditions |
| Field | Type | Description |
|---|---|---|
alertId | ID | Unique identifier |
message | String | Alert message/description |
severity | Enum | Critical, High, Medium, Low |
status | Enum | Active, Acknowledged, Resolved |
type | String | Alert category |
createdTime | DateTime | When alert was triggered |
acknowledgedTime | DateTime | When acknowledged |
resolvedTime | DateTime | When resolved |
| Field | Type | Description |
|---|---|---|
asset | Asset | Source asset |
client | Client | Associated client |
site | Site | Associated site |
monitor | Monitor | Triggering monitor |
ticket | Ticket | Linked ticket (if any) |
| Field | Type | Description |
|---|---|---|
acknowledgedBy | Technician | Who acknowledged |
resolvedBy | Technician | Who resolved |
resolutionNotes | String | Resolution details |
query getAlertList($input: ListInfoInput!) {
getAlertList(input: $input) {
alerts {
alertId
message
severity
status
type
createdTime
acknowledgedTime
resolvedTime
asset {
assetId
name
status
}
client {
accountId
name
}
site {
id
name
}
acknowledgedBy {
id
name
}
ticket {
ticketId
ticketNumber
}
}
listInfo {
totalCount
hasNextPage
endCursor
}
}
}
Variables - Active Critical Alerts:
{
"input": {
"first": 50,
"filter": {
"status": "Active",
"severity": ["Critical", "High"]
},
"orderBy": {
"field": "createdTime",
"direction": "DESC"
}
}
}
Variables - Alerts by Client:
{
"input": {
"first": 100,
"filter": {
"client": {
"accountId": "client-uuid"
},
"status": ["Active", "Acknowledged"]
}
}
}
Variables - Alerts by Type:
{
"input": {
"filter": {
"type": "Disk Space",
"status": "Active"
}
}
}
query getAlertsForAsset($input: AssetDetailsListInput!) {
getAlertsForAsset(input: $input) {
alerts {
alertId
message
severity
status
type
createdTime
monitor {
id
name
type
}
}
listInfo {
totalCount
hasNextPage
}
}
}
Variables:
{
"input": {
"assetId": "asset-uuid",
"first": 50,
"filter": {
"status": ["Active", "Acknowledged"]
}
}
}
query getAlert($input: AlertIdentifierInput!) {
getAlert(input: $input) {
alertId
message
severity
status
type
createdTime
acknowledgedTime
resolvedTime
asset {
assetId
name
ipAddress
status
client {
accountId
name
}
}
monitor {
id
name
type
threshold
condition
}
acknowledgedBy {
id
name
email
}
resolvedBy {
id
name
email
}
resolutionNotes
ticket {
ticketId
ticketNumber
status
}
history {
timestamp
action
performedBy {
name
}
notes
}
}
}
mutation acknowledgeAlerts($input: AcknowledgeAlertsInput!) {
acknowledgeAlerts(input: $input) {
success
acknowledgedCount
alerts {
alertId
status
acknowledgedTime
acknowledgedBy {
id
name
}
}
}
}
Variables - Single Alert:
{
"input": {
"alertIds": ["alert-uuid"],
"notes": "Investigating disk space issue on server"
}
}
Variables - Bulk Acknowledge:
{
"input": {
"alertIds": ["alert-1", "alert-2", "alert-3"],
"notes": "Bulk acknowledgment - scheduled maintenance window"
}
}
mutation resolveAlerts($input: ResolveAlertInput!) {
resolveAlerts(input: $input)
}
Variables:
{
"input": {
"alertIds": ["alert-uuid"],
"resolutionNotes": "Cleared temp files, disk space now at 45% free"
}
}
mutation createTicketFromAlert($input: CreateTicketFromAlertInput!) {
createTicketFromAlert(input: $input) {
ticketId
ticketNumber
subject
status
alert {
alertId
status
}
}
}
Variables:
{
"input": {
"alertId": "alert-uuid",
"subject": "Critical: Low disk space on ACME-SERVER01",
"priority": "HIGH",
"techGroup": {
"name": "Service Desk"
},
"additionalNotes": "Auto-generated from monitoring alert"
}
}
# Step 1: Get all active critical alerts
query getCriticalAlerts {
getAlertList(input: {
filter: {
status: "Active",
severity: "Critical"
},
orderBy: { field: "createdTime", direction: "ASC" }
}) {
alerts {
alertId
message
asset { name }
client { name }
createdTime
}
}
}
# Step 2: Acknowledge alert being worked
mutation acknowledgeAlert {
acknowledgeAlerts(input: {
alertIds: ["alert-uuid"],
notes: "Investigating issue"
})
}
# Step 3: Create ticket if needed
mutation createTicket {
createTicketFromAlert(input: {
alertId: "alert-uuid",
priority: "CRITICAL"
})
}
# Step 4: Resolve when fixed
mutation resolveAlert {
resolveAlerts(input: {
alertIds: ["alert-uuid"],
resolutionNotes: "Issue resolved - rebooted service"
})
}
query getAlertSummary {
criticalAlerts: getAlertList(input: {
filter: { status: "Active", severity: "Critical" }
}) {
listInfo { totalCount }
}
highAlerts: getAlertList(input: {
filter: { status: "Active", severity: "High" }
}) {
listInfo { totalCount }
}
acknowledgedAlerts: getAlertList(input: {
filter: { status: "Acknowledged" }
}) {
listInfo { totalCount }
}
recentResolved: getAlertList(input: {
filter: { status: "Resolved" },
first: 10,
orderBy: { field: "resolvedTime", direction: "DESC" }
}) {
alerts {
alertId
message
resolvedTime
asset { name }
}
}
}
query getClientAlertReport($clientId: ID!, $startDate: DateTime!, $endDate: DateTime!) {
getAlertList(input: {
filter: {
client: { accountId: $clientId },
createdTime: {
gte: $startDate,
lte: $endDate
}
}
}) {
alerts {
alertId
message
severity
status
type
createdTime
resolvedTime
asset { name }
}
listInfo { totalCount }
}
}
| Error | Cause | Resolution |
|---|---|---|
| Alert not found | Invalid alert ID | Verify alert exists |
| Already resolved | Alert already closed | Check current status |
| Permission denied | Insufficient access | Check user permissions |
| Asset offline | Cannot verify resolution | Note in resolution |
| Rate limit exceeded | Over 800 req/min | Implement backoff |
// Valid alert status transitions
const validTransitions = {
'Active': ['Acknowledged', 'Resolved'],
'Acknowledged': ['Resolved', 'Active'], // Can un-acknowledge
'Resolved': ['Active'], // Can reopen if issue returns
'Auto-Resolved': ['Active'] // Can reopen
};
function canTransition(currentStatus, newStatus) {
return validTransitions[currentStatus]?.includes(newStatus) || false;
}