in Alert Correlation Properties, if we specify "Group By" property, which correlation uses it
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
5 hours ago
In event management, in the
Alert Correlation Properties
if we specific "Group By" property as suggested like any of the alert field, for example say I specific alert_cmdb_ci.location
Which one of the correlation type, out of all is impacted or will be using it ????
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
4 hours ago - last edited 4 hours ago
When grouping by alert_cmdb_ci.location, the system checks incoming alerts against CIs with matching locations. If the specified fields match, alerts are consolidated into a single alert group
Refer: https://www.servicenow.com/docs/r/it-operations-management/event-management/enable-alert-grouping.html
- “Group by” property, with comma-separated list of field names that need to have matching values across alerts to allow alerts to be grouped together. The property can contain alert field names (such as assignment_group), CI field names (such as alert_cmdb_ci.location), alert additional info field names (such as additional_info.state) or alert tags (such as t_data_center). When the specified field values match each other between alerts, those alerts can be grouped together (sa_analytics.agg.group_alert_with_same_group_by_fields).
Regards
Tanushree Maiti
ServiceNow Technical Architect
LinkedIn: https://www.linkedin.com/in/tanushreemaiti
