- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-25-2019 08:53 AM
I am receiving alert/event priority/severity from alerting tool under description and name. What is the best way to set the incident priority based on that?
Do you suggest to create a custom BR for setting the priority of the incident or is there any setting which can be utilized?
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-25-2019 12:58 PM
If you're event source isn't mapping to the "severity" field of the event or alert, then your event rule (might need to add one) needs to take the value from the additional info field and map it to severity (might have to create an event field mapping entry if the source doesn't use the same severity codes as ServiceNow, 0, 1, 2, 3, 4, 5).
In London, when we introduced alert management rules, there also became a set of Flow Designer actions and flows for creating an incident. The action "Calculate Values (Based on the Alert)" has logic for setting incident fields... a snippet is below that sets the Urgency of the incident
var getIncidentUrgency = function(){
var incidentSeverity;
if(inputs.severity == 1 || inputs.severity == 2)
incidentSeverity = 1;
else if (inputs.severity == 3 || inputs.severity == 4)
incidentSeverity = 2;
else if (inputs.severity == 5)
incidentSeverity = 3;
return incidentSeverity;
}
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-25-2019 01:23 PM
It is in your alert management rules. There is one OOB that makes a incident off a high sev alert. Just use that as your guide and go from there.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-25-2019 01:24 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-25-2019 12:58 PM
If you're event source isn't mapping to the "severity" field of the event or alert, then your event rule (might need to add one) needs to take the value from the additional info field and map it to severity (might have to create an event field mapping entry if the source doesn't use the same severity codes as ServiceNow, 0, 1, 2, 3, 4, 5).
In London, when we introduced alert management rules, there also became a set of Flow Designer actions and flows for creating an incident. The action "Calculate Values (Based on the Alert)" has logic for setting incident fields... a snippet is below that sets the Urgency of the incident
var getIncidentUrgency = function(){
var incidentSeverity;
if(inputs.severity == 1 || inputs.severity == 2)
incidentSeverity = 1;
else if (inputs.severity == 3 || inputs.severity == 4)
incidentSeverity = 2;
else if (inputs.severity == 5)
incidentSeverity = 3;
return incidentSeverity;
}
