Unable to Generate Multiple Alerts for Same Node Due to Message Key Aggregation

Durgaprasad Joi · 3 weeks ago

For Server node-down events, the SolarWinds team has configured two separate alert definitions and expects two incidents to be generated—one for each respective team (Server & Application team). However, due to the current alert aggregation logic based on the message key (which includes networkNodeId and netObjectId), only a single alert is being created.

If we modify the message key to address this, the alert reset event will no longer be able to close all related alerts correctly.

Given this, is there a way to generate separate alerts for each events associated with the same node (i.e., same networkNodeId and netObjectId) without changing the existing message key?

MushtaqMir · 3 weeks ago

Hi Durgaprasad Joi ,

Happy to share my inputs on this. To achieve separate incidents without changing the existing message key, you can leverage Workflow Designer along with alert management rules. This approach allows you to define logic that routes incidents to the respective teams while still maintaining proper closure behavior. In this way, two incidents can be generated—one for the Server team and one for the Application team—without impacting the alert closure functionality.