in Alert Correlation Properties, if we specify "Group By" property, which correlation uses it
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
In event management, in the
Alert Correlation Properties
if we specific "Group By" property as suggested like any of the alert field, for example say I specific alert_cmdb_ci.location
Which one of the correlation type, out of all is impacted or will be using it ????
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago - last edited 3 weeks ago
When grouping by alert_cmdb_ci.location, the system checks incoming alerts against CIs with matching locations. If the specified fields match, alerts are consolidated into a single alert group
Refer: https://www.servicenow.com/docs/r/it-operations-management/event-management/enable-alert-grouping.html
- “Group by” property, with comma-separated list of field names that need to have matching values across alerts to allow alerts to be grouped together. The property can contain alert field names (such as assignment_group), CI field names (such as alert_cmdb_ci.location), alert additional info field names (such as additional_info.state) or alert tags (such as t_data_center). When the specified field values match each other between alerts, those alerts can be grouped together (sa_analytics.agg.group_alert_with_same_group_by_fields).
Regards
Tanushree Maiti
ServiceNow Technical Architect
LinkedIn: https://www.linkedin.com/in/tanushreemaiti
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Hi ,
Thanks for sharing your input here, but what I wanted here if use any of the alert field in the group by property which particular type of correlation will be using it.
Like if it match, who will use it out of the below
Automated Correlation
ML based automated correlation
