‎07-08-2024 08:38 AM
What is the difference between alert clustering tags and alert clustering definitions, and log analytics, rule-based, automated, CMDB and text-based alert groups, with examples?
- Labels: Event Management
‎07-09-2024 07:05 AM
Hi @b__HanumeshM,
Refer to the below.
Alert clustering definition:
An alert clustering definition determines the conditions that must be met for invoking one or more alert clustering tags. Alert clustering tags enable you to create an alert group from fewer alerts.
Alert clustering tag:
Tag-based alert clustering enables you to easily create groups of alerts. It is a non-code method of alert grouping that correlates alerts without having to use CMDB or model training. This simpler way of grouping similar alerts reduces the overall noise of a large quantity of alerts.
Tag-based alert clustering is enabled immediately after activation of the Tag-Based Alert Clustering Engine application available in the ServiceNow Store. This clustering works in parallel with existing ServiceNow alert correlation algorithms. Alert clustering tags are attached to definitions on a many-to-many (M2M) basis. Multiple tags can belong to a single definition, and tags can belong to more than one definition. Groups created from tag-based alert clustering definitions are created as a Tag Cluster group type.
Also, below are the alert groupings:
Log analytics - It will help to group alerts based on log data if Log Analytics is enabled.
Rule based - You can configure your custom Alert Management Correlation rule. For example, if a network is down and the associated CI is also down, and you received the network event as primary and after that the associated CI alerts, you can group them and create a single alert with parent and child grouping, and a single incident will be created.
Automated - This is based on time series and machine learning, meaning that if ServiceNow ML learns a pattern and sees the behaviour of alerts based on time series, it will group those.
CMDB - In this, alerts will be correlated based on the same CI and CI relationships, according to what you have configured for the level up to which relationships can be considered for CMDB correlation and grouping. Refer to the Event Management correlation and properties.
Text-based alert group - This is based on text grouping.
Refer to the below docs.
Please appreciate the efforts of community contributors by marking appropriate response as Mark my Answer Helpful or Accept Solution this may help other community users to follow correct solution in future.
Thank You
AJ - TechTrek with AJ
Linkedin:- https://www.linkedin.com/in/ajay-kumar-66a91385/
YouTube:- https://www.youtube.com/@learnitomwithaj
ServiceNow Community Rising Star 2024
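A simplified model of the definition/tag relationship described in the answer above, as an added example that is not part of the original post and is not ServiceNow code. The alert fields, definition names, exact-match tags and the minimum group size of two are all assumptions, and the sample alerts are constructed; time windows and the rule that decides between overlapping groups are left out.

```python
from collections import defaultdict

# Constructed sample alerts; field names are illustrative, not ServiceNow's schema.
ALERTS = [
    {"id": "A1", "source": "netmon", "site": "DC1", "metric": "link_down"},
    {"id": "A2", "source": "netmon", "site": "DC1", "metric": "link_down"},
    {"id": "A3", "source": "netmon", "site": "DC2", "metric": "link_down"},
    {"id": "A4", "source": "apm", "site": "DC1", "metric": "latency"},
    {"id": "A5", "source": "apm", "site": "DC1", "metric": "latency"},
]

# A tag names the alert field whose value must be equal across a group.
# Tags are defined once and reused by several definitions (many-to-many).
TAGS = {"site": "site", "metric": "metric"}

# A definition holds the condition an alert must meet before its tags are
# evaluated, plus the list of tags it invokes.
DEFINITIONS = [
    {"name": "network-by-site-and-metric",
     "condition": lambda a: a["source"] == "netmon",
     "tags": ["site", "metric"]},
    {"name": "any-source-by-site",
     "condition": lambda a: True,
     "tags": ["site"]},
]

def cluster(alerts, definitions, tags, min_size=2):
    """Return {(definition, tag values...): [alert ids]} for each tag cluster."""
    groups = {}
    for d in definitions:
        buckets = defaultdict(list)
        for a in alerts:
            if not d["condition"](a):
                continue  # definition condition not met: tags are not invoked
            key = tuple(a[tags[t]] for t in d["tags"])
            buckets[key].append(a["id"])
        for key, ids in buckets.items():
            if len(ids) >= min_size:  # assumed threshold: a lone alert is no group
                groups[(d["name"],) + key] = ids
    return groups

if __name__ == "__main__":
    for key, ids in cluster(ALERTS, DEFINITIONS, TAGS).items():
        print(key, ids)
```

The `site` tag is shared by both definitions, while the definition's condition decides which alerts are compared at all: the first definition groups only the two matching network alerts in DC1, the second groups every DC1 alert.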
‎07-11-2024 04:59 AM
Thank you @AJ-TechTrek 😊