Is there a function within ServiceNow that can raise an alert or incident when alert volume is higher then a baseline? We are looking to be notified when there is a large uptick in volume to take a closer to look to see if they are related.
Yes, you can write an alert management rule and check for the overall event count field for a certain number of events before creating an incident or any escalation/notification.
I don't think this is what we are looking for. We want to create an additional notification when alert numbers spike over a baseline. Assume we normally see 10 to 15 alerts an hour but now we see 30. This might be an indicator that we have a larger problem affecting multiple systems.
not any specific type. more generic all up volume. We can create a flow with a static threshold but I was hoping for something more dynamic generating a baseline and spikes.
