Design and Implementation of an Open Alarm Platform for Monitoring Systems

With the continuous growth of the 58 Group’s business, many teams built their own monitoring systems to meet personalized alerting needs, leading to an increasing demand for a unified alert delivery solution. The Open Alarm Platform addresses this by offering alert convergence, merging, and multi‑channel delivery capabilities through a simple API.

Design Philosophy – Data Model The platform’s data model is divided into three parts: basic data (unique ID, timestamp, status, recipients, upload interval, alert details), alert strategy (trigger conditions, max send count, delivery methods, escalation methods), and merge dimensions (customizable by business context such as IP, cluster, metric, recipient). This structure enables the platform to ingest a wide range of alerts.

System Architecture The platform consists of five core modules: Data Ingestion, Alert Convergence, Alert Control, Alert Merging, and Alert Delivery. External monitoring systems only need to connect to the Data Ingestion module, after which they can customize strategies, convergence rules, severity levels, merge dimensions, and recipients. The architecture builds on the core modules of the 58 monitoring system and adds openness and generality.

Stability To ensure high reliability, the platform employs self‑monitoring via the third‑party component AntEye, disaster‑recovery with multi‑node deployment and consistent hashing, and backup‑restore mechanisms for alert data, preventing single‑point failures and duplicate alerts.

Functional Design and Practice

Alert Strategy – Clients determine abnormal states and send status, strategy, and other data to the platform; the platform automatically generates recovery alerts when normal data resumes.

Alert Convergence – Clients can configure upload intervals, send intervals, and maximum send counts to avoid alert storms.

Alert Levels – Four delivery methods (voice, SMS, WeChat, email) can be selected individually or combined, represented as bit flags for efficient backend processing.

Alert Merging – Customizable merge dimensions (e.g., cluster, IP, metric) are handled by a decision‑tree algorithm that minimizes Gini impurity to produce a merge tree.

Alert Recipients – Clients provide OA usernames; the platform resolves contact details and excludes departed users.

Alert Viewing – Alerts are stored for query via “Alert Query – Single Alert” or “Merged Alert” interfaces.

Success Cases Integration with the Service Management Platform reduced alert volume by 85% through convergence and merging, and provided clearer, higher‑quality alerts. Screenshots demonstrate merged alerts versus single‑alert details.

Conclusion The Open Alarm Platform delivers alert convergence, merging, and multi‑channel delivery, allowing business lines to integrate their monitoring systems easily via APIs, thereby lowering the cost and effort of custom alert solutions.