Spike detection for Incidents
3 weeks ago
Hi,
Has anyone implemented spike detection for incidents (running near real-time) to provide any abnormal increase? I saw one option as PA and trigger notification on threshold breach, but running DC jobs every 5 mins is not recommended.
Is there any other alternate solution we can use?
2 weeks ago
Hi Buddy,
Yes — this is a common requirement, and you’re right that PA alone isn’t ideal for near real-time spike detection. It’s built more for trending and reporting, not minute-by-minute alerting.
Most teams handle this in one of three ways:
- If ITOM/AIOps is available: use anomaly detection (Metric Intelligence). It’s designed to spot abnormal spikes against a baseline rather than just fixed thresholds.
- Platform-only approach: create a lightweight scheduled check that runs every few minutes, counts incidents in a rolling window, and triggers an alert if it jumps beyond expected levels.
- MetricBase (if in use): push incident counts as a time-series metric and use predictive/anomaly capabilities there.
PA threshold alerts will work, but running data collection every 5 minutes isn’t the intended pattern and can create load.
So if the goal is true “spike detection,” I think the best path is:
- AIOps/anomaly detection if licensed
- otherwise a simple rolling-window monitor script/flow rather than PA collectors.
@VarunK312799563 - if this helps answer your question, please mark Solution Accepted and Thumbs Up
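The platform-only approach from the reply above (count incidents in a rolling window and alert when the count jumps beyond expected levels), sketched as an added example that is not part of the original thread. The window size, baseline length, sensitivity, function names and sample timestamps are all assumptions; the logic runs on plain arrays of creation times so it can be checked offline before being moved into a scheduled script.

```javascript
// Assumed tuning values, not taken from the thread.
const WINDOW_MS = 5 * 60 * 1000; // rolling window: 5 minutes
const BASELINE_WINDOWS = 12;     // baseline: the 12 windows before the current one (1 hour)
const SIGMA = 3;                 // alert above mean + 3 standard deviations
const MIN_COUNT = 5;             // floor, so a quiet hour does not alert on 1-2 tickets

// Count creation times t with start <= t < end.
function countInRange(times, start, end) {
  return times.filter((t) => t >= start && t < end).length;
}

// Compare the current window against the mean and spread of the previous windows.
// On the platform, each count would come from an aggregate query on the incident
// table filtered by creation time (assumption; not shown here).
function detectSpike(times, now) {
  const current = countInRange(times, now - WINDOW_MS, now);
  const baseline = [];
  for (let i = 1; i <= BASELINE_WINDOWS; i++) {
    const end = now - i * WINDOW_MS;
    baseline.push(countInRange(times, end - WINDOW_MS, end));
  }
  const mean = baseline.reduce((a, b) => a + b, 0) / baseline.length;
  const variance = baseline.reduce((a, b) => a + (b - mean) ** 2, 0) / baseline.length;
  const threshold = Math.max(MIN_COUNT, mean + SIGMA * Math.sqrt(variance));
  return { current, mean, threshold, spike: current > threshold };
}

// Constructed sample data: 2 incidents per 5-minute window for an hour,
// followed by `burst` incidents inside the current window.
function sampleTimes(now, burst) {
  const times = [];
  for (let i = 1; i <= BASELINE_WINDOWS; i++) {
    const start = now - (i + 1) * WINDOW_MS;
    times.push(start + 60000, start + 180000);
  }
  for (let j = 0; j < burst; j++) times.push(now - WINDOW_MS + 1000 * (j + 1));
  return times;
}

const NOW = Date.UTC(2024, 0, 1, 12, 0, 0); // constructed reference time
console.log(detectSpike(sampleTimes(NOW, 2), NOW));  // steady load
console.log(detectSpike(sampleTimes(NOW, 20), NOW)); // burst in the current window
```

Because the baseline excludes the current window, a burst does not raise its own threshold; the floor keeps the check quiet when the baseline is flat and volumes are low.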

