Join the #BuildWithBuildAgent Challenge! Get recognized, earn exclusive swag, and inspire the ServiceNow Community with what you can build using Build Agent.  Join the Challenge.

Alert correlation

MirzaSaquiB
Tera Contributor

15 hours ago

Can anyone help me in correlation

 

Alert A trigger and creates the incident.

 

Alert B triggered and correlate with Alert B 

 

Due to which Alert C group alert is created which is also created the incident.

 

But only 1 incident should be triggered. Is there a way to resolve thid issue.

0 Helpfuls
  • 168 Views
1 REPLY 1

jennifermetz1
Tera Contributor

13 hours ago - last edited 12 hours ago

Its hard to tell you the exact method without knowing more information about what type of data you are trying to correlate and what information is available and linked with each alert. Here are the use cases for reference.

 

You most likely could use rule based alert grouping. You would setup rules for a primary alert and secondary alerts. This is how you create an alert correlation rule. And this is additional information for filling out the alert correlation rule form.

 

Here is a great post on leveraging alert correlation and grouping for noise reduction

 

 

Jennifer Metz
Sr. ServiceNow Developer | Infosys
0 Helpfuls