Hello,
Need assistance with correlating alerts in ServiceNow based on the configuration items (CIs) relationships.
Scenario:
- The alert's CI is linked to a Mapped Application Service i.e "cmdb_ci_service_discovered" (e.g., ABC.500XXXX89)
- We want to apply correlation logic based on this Mapped Application Service.
Requirement:
- If the Mapped Application Service having more than one child services in the `cmdb_rel_ci` table, where child services also another mapped application service.
- The first alert, associated with the parent Mapped Application Service, should be treated as the primary alert.
- If subsequent alerts are received, where the CI corresponds to a child service of the parent, these should be grouped as secondary alerts.
- We aim to apply an Alert Correlation Rule based on both the CI relationships and the metric name of the alert.
Could you please advise on how to configure this correlation logic in ServiceNow?
Thank you!
