How to prevent child alerts from generating incidents (alert aggregation)

Go to solution
Mp1999
Tera Contributor

‎06-27-2024 12:53 AM

Hello everyone,

I would like to know if there is a way, through business rules or any other method, to create incidents only for the parent alert and not for the child alerts that are generated. I am attaching an image. Thanks in advance

Mp1999_0-1719474819027.png

 

0 Helpfuls
  • 617 Views
1 ACCEPTED SOLUTION

Go to solution
Pratiksha
Mega Sage
Mega Sage
In response to Mp1999

‎06-27-2024 09:21 AM

Check the trigger condition for this. It should work. 

 

Please accept the answers and mark them helpful 🙂

View solution in original post

0 Helpfuls
7 REPLIES 7

Go to solution
Pratiksha
Mega Sage
Mega Sage

‎06-27-2024 01:19 AM

alert management rule - > trigger condition should check if the parent field is empty on the alert. Also, you can make sure that incident is getting created only for primary alerts.

0 Helpfuls

Go to solution
Mp1999
Tera Contributor
In response to Pratiksha

‎06-27-2024 02:05 AM

Hi @Pratiksha  ,

My filters are set up like this, but I still see alerts that are part of a group, such as the secondary group, continue to generate incidents:

Mp1999_2-1719479132128.pngMp1999_3-1719479146711.png

 

0 Helpfuls

Go to solution
Pratiksha
Mega Sage
Mega Sage
In response to Mp1999

‎06-27-2024 03:25 AM - edited ‎06-27-2024 03:54 AM

Group should be primary or empty. 

 

Also, OOB their is an alert management rule for primary alerts. Check it out in your PDI

Go to solution
Mp1999
Tera Contributor
In response to Pratiksha

‎06-27-2024 08:09 AM

Thank you very much, @Pratiksha   I have achieved my goal, but I still have one question: regarding alerts that have the group CMDB, how do these alerts behave and why do they never trigger incidents? Thank you very much in advance!

Mp1999_0-1719500956025.png

 

0 Helpfuls