Duplicate incidents are created in different priorities for same device in the same time

Suraj biswal
Tera Contributor

‎05-15-2024 12:09 AM

Incidents are created from the Alert management rule, We are getting duplicate incidents in different priorities for the same device at the same time.

0 Helpfuls
  • 428 Views
5 REPLIES 5

Mark Manders
Mega Patron

‎05-15-2024 12:41 AM

And what is your question? 
If this is something you aren't expecting: check the Alert management rules you have set up, since they are creating the incidents. Probably somewhere there isn't a check on the uniqueness of an issue. Or are it different alerts, but just related to the same incident? In that case you need to put some validation on that.

You don't ask a question, you don't provide the rules, you don't give any information about what is expected and what is not. If you want help, you will need to provide information with which we can help you.


Please mark any helpful or correct solutions as such. That helps others find their solutions.
Mark
0 Helpfuls

Suraj biswal
Tera Contributor
In response to Mark Manders

‎05-15-2024 03:37 AM

At a time three different incidents were created in different priorities such as  (P4, P3, and P2) from different alert rules for the same configuration item. for same device multiple priority incident is generating at the same time it is duplicate raising of same issue with different incident numbers and different priorities. How can we stop it?

0 Helpfuls

Mark Manders
Mega Patron

‎05-15-2024 05:21 AM

Make sure your alert rules are unique. If alert contains X make it P1, if Y make it P2, etc. Or build in a check to see if there already is an incident with a higher priority. It should be configured that an Alert starts looking through the rules in an order and if it finds one (with the highest order/highest priority), it should no longer search further.

And if you have different alerts on the same device, you should add logic to see if an incident already exists and update the necessary information on that ticket.
We can't see what you configured, what is happening and how your process is defined. So nothing more can be said than this.


Please mark any helpful or correct solutions as such. That helps others find their solutions.
Mark
0 Helpfuls

Suraj biswal
Tera Contributor
In response to Mark Manders

‎05-15-2024 10:21 PM

Surajbiswal_0-1715836332285.png

Above condition used for P3 incident.

Surajbiswal_1-1715836473464.png

Above condition used for P2.

Surajbiswal_2-1715836601970.png

Above condition used for P4. Above three multiple priorities incidents are created for same device at the same time. alert conditions are different but it is creating at the same time.

 

0 Helpfuls