Event Management Fundamentals (Yokahoma) Lab3.1 alert grouping issue

thebananek · 4 weeks ago

On the course follow guide alerts created in lab3.1 should be grouped together but this is not the case in the instance. I checked some settings but I do not see anything related which would drive that alert grouping. The guide is pretty straightforward and I am 99% sure it is not my fault.

These alerts should be bounded together:

In lab guide it is shown like:

thebananek · 4 weeks ago

Lab guides you to generate 2 sample events. After processing there are 2 alerts linked to the same CI. I did it. Based on that action they should be bounded together under parent alert and it should happen automatically - without user intervention.

GlideFather · 4 weeks ago

I still see very limited requirements 😉 but in the book screenshot it's Source = Group Alert and your screenshot shows Source = PSScript.

Maybe try to repeat the steps from steps, sometimes it requires impersonation or another dependencies from previous steps, that is something we cannot see without the access to the lab and your lab instance..

Also, the minimum score to pass the lab is 80 % so in case you already have more you can skip this step... in case that you think you did it correctly and it was just not validated for some reason and it's not a dependency for future steps

———
/* If my response wasn’t a total disaster ↙️ ⭐ drop a Kudos or Accept as Solution ✅ ↘️ Cheers! */

thebananek · 4 weeks ago

From the doc video the magic should be done by ML (Alert grouping types) but it doesn't happen. Lab guide doesn't stick to the reality 🙂 I am wonder if others face the same issue.