event managemnt
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-08-2024 08:38 AM
Hi All,
I am working on the Priority Change of the Incident:
1- When the Description Contains CPU and the Threshold ranges from 85% - 95% the priority of Incident should be "P3"
2- When the Description Contains CPU and the Threshold ranges above 95% the priority of Incident should be "P2"
I have created an Alert management rules which is working properly, but how to tackle the issue like when the event trigger suppose with threshold "89%" and incident with P3 created when again the event trigger with same message key but the threshold now is above 95% So need to update the priority as P2 but i am not able to update the incident when the higher threshold reached.
Thanks & Regards
Mirza Saquib Beg
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-08-2024 09:54 AM
@mirza_saquib You must create a BR to modify the incident when the value is greater than 95%. Generate a script initially and share it with us so we can help.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-08-2024 12:06 PM
Hey @mirza_saquib ,
You should be able to use the Alert Management Rule for this.
- With your existing Alert Management Rule, change the filter such that Alert Management is triggered whenever there is a change in the alert's threshold (i.e. 'Rule is activated when' = 'Alert changes to filter')
- Create a Flow that would either create a new Incident or update the severity of an existing Incident that is associated with the alert
Haven't done this myself but sounds most logical to me.
Hope it helps!
