Event/Alert correlation based on alert description

Go to solution
chandrakumar
Tera Contributor

‎07-31-2025 09:48 AM

Hello All,

I have a requirement to correlate or group events/alerts based on their descriptions, provided they originate from the same location and organization.

For example, alerts with descriptions such as "device down", "CPU high", or "memory high" should be grouped together if they are from the same location and organization for the duration of 30 min, regardless of the node name.

Could someone please advise on how this can be implemented?

0 Helpfuls
  • 463 Views
1 ACCEPTED SOLUTION

Go to solution
AJ-TechTrek
Giga Sage
Giga Sage
In response to chandrakumar

4 weeks ago

Hi @chandrakumar ,

 

Refer the attached below screenshot and reference SN Documents for this.

 

Screenshot 2025-08-12 at 4.54.23 PM.pngScreenshot 2025-08-12 at 4.55.18 PM.png

 

https://www.servicenow.com/docs/bundle/zurich-it-operations-management/page/product/event-management...

 

https://www.servicenow.com/docs/bundle/washingtondc-it-operations-management/page/product/event-mana...

 

Please appreciate the efforts of community contributors by marking appropriate response as Mark my Answer Helpful or Accept Solution this may help other community users to follow correct solution in future.
 

Thank You
AJ - TechTrek with AJ - ITOM Trainer
LinkedIn:- https://www.linkedin.com/in/ajay-kumar-66a91385/
YouTube:- https://www.youtube.com/@learnitomwithaj
Topmate:- https://topmate.io/aj_techtrekwithaj (Connect for 1-1 Session)
ServiceNow Community MVP 2025

View solution in original post

5 REPLIES 5

Go to solution
chandrakumar
Tera Contributor
In response to AJ-TechTrek

3 weeks ago

Thanks @AJ-TechTrek  Ajay.

0 Helpfuls