ServiceNow Event Management Alert Correlation rules
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Hello Community,
I have a question regarding Alert Correlation Rules. I need to set the Alert Group field to “Network” when two alerts arrive from the same CI. How can I achieve this? This is for the Group field, not the Assignment Group field. Is there any other way to accomplish this aside from using a Correlation Rule? Please refer to the attached screenshot.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
You can try to run business rule on alert table. Here is how i would go about:
1)Run Business rule before insert
2)Check if same CI exist or not
3)Check the state whether its open or close
4)Count number of times query has run
5) if count of that CI is 1 or greater, set Alert Group field to Network
You can consider above steps and make changes according to use-case if u r going for Business rule
Mark this helpful if it provides answer to your query.
Regards,
Mohammed Zakir
