Find your people. Pick a challenge. Ship something real. The CreatorCon Hackathon is coming to the Community Pavilion for one epic night. Every skill level, every role welcome. Join us on May 5th and learn more here.

Alert Correlation Rule Not working for Flapping (reopend) alerts - Tag based alert Correlation Rule.

Pratik Malviya
Tera Guru

Monday - last edited Monday

 

Hi ServiceNow Enthusiast,

I have configured an alert correlation rule using Alert Automation in the Service Operations Workspace (SOW). The alert grouping is functioning as expected for newly generated alerts; however, it does not appear to work for older alerts (approximately 30 days old) that have been reopened.


The correlation is based on tags (e.g., location) with a 15-minute time window.


Could you please assist in reviewing this behavior and advise on how it can be addressed? Your support in this matter would be greatly appreciated.


Thank you.



PratikMalviya_0-1777356547766.png

 






Please mark the appropriate response as correct answer and helpful, This may help other community users to follow correct solution.
Thanks,
Pratik Malviya
0 Helpfuls
  • 215 Views
3 REPLIES 3

Ankur Bawiskar
Tera Patron

Monday

@Pratik Malviya  

not very sure on this part.

Regards,
Ankur
Certified Technical Architect  ||  10x ServiceNow MVP  ||  ServiceNow Community Leader
0 Helpfuls

MattSN
Mega Sage

yesterday

 

There are a couple of properties to look at 
https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1346251


Also check evt_mgmt.active_interval property

 

0 Helpfuls

Pratik Malviya
Tera Guru
In response to MattSN

yesterday - last edited yesterday

Thanks @MattSN ,

However this would affect to all the correlation alert grouping. I want it for specific Alert Correlation rule.

Please mark the appropriate response as correct answer and helpful, This may help other community users to follow correct solution.
Thanks,
Pratik Malviya
0 Helpfuls