Event Management Fundamentals (Yokahoma) Lab3.1 alert grouping issue

thebananek · ‎08-18-2025

On the course follow guide alerts created in lab3.1 should be grouped together but this is not the case in the instance. I checked some settings but I do not see anything related which would drive that alert grouping. The guide is pretty straightforward and I am 99% sure it is not my fault.

These alerts should be bounded together:

In lab guide it is shown like:

睿曲 · Friday

I encountered the exact same problem.

I checked the Alert Correlation Rules in the lab instance,
and there wasn't a rule based on the same CI as mentioned in the lab:

"Locate the most recent 'grouped' alert listed. This new virtual, primary automated alert group has been created because the critical alert and the minor alert from prior lab steps automatically group together since they bind to the same CI. Alert grouping is covered in more detail in the next module."