Event Management tag based alert clustering tag form
Summarize
Summary of Event Management tag based alert clustering tag form
The tag based alert clustering tag form in ServiceNow's Event Management enables you to create or modify clustering tags that group alerts based on specific tag criteria. This form captures detailed information about the tag, helping to organize alerts more efficiently by matching key alert attributes.
Show less
Key Features
- Name: Automatically generated unique name describing the configured tag; customizable after saving.
- Domain: Read-only field indicating the domain where the record was created.
- Description: Optional field to provide additional context about the tag.
- Source: Defines the origin of the alert field used for matching. Options include Alert field, Alert additional info, Alert CI, Alert CI key, and Alert tags.
- Selected Field/Key/CMDB Key: Depending on the source selected, these fields specify which attribute or key must match between alerts to be grouped together.
- Match method: Determines how alert values are matched within a group:
- Exact: Values must be identical.
- Fuzzy: Values must be approximately similar, controlled by the Similarity percentage.
- Pattern: Values must follow a defined pattern.
- Similarity: When using Fuzzy match, sets the minimum percentage of similarity required for alerts to be clustered together. The default is 90%.
Practical Use for ServiceNow Customers
By configuring tag based alert clustering tags, you can enhance alert grouping accuracy in Event Management, which reduces noise and improves incident response efficiency. Selecting the appropriate source and match method allows you to tailor alert clustering to your organization's specific monitoring data, helping you identify related alerts faster and manage them collectively.
The form for creating or modifying a tag based alert clustering tag displays detailed information about the tag.
| Field | Description |
|---|---|
| Name | Name of the clustering tag. Defaults to a description of the configured tag (such
as, Exact match on Alert Field "metric name"). The default name is visible only after saving the tag. Tag names must be unique. |
| Customized name | Select the check box to customize the value in the Name field. |
| Domain | The domain in which the current record was created. Read-only. |
| Description | Enter an optional description of the tag. |
| Source | Select the source from which to choose the field to be matched.
If you select Alert additional info, choose an Additional Info Key instead of a field. |
| Selected field | Indicate the field that has to match between alerts for the alerts to be included
in a group. Appears when you select Alert Field or Alert CI in the Source field. |
| Key | Indicate the Key that has to match between alerts for the alerts to be included
in a group. Appears when you select Alert additional info in the Source field, or appears when you select Alert tags in the Source field. When Alert additional info is selected, enter the name of one of the fields in the additional info field. When Alert tags is selected, enter the name of the relevant alert tag. |
| CMDB key | Indicate the CMDB key to match for the alerts to be included in a
group. Appears when you select Alert CI Key in the Source field. |
| Match method | Select the type of match required for the alerts to be included in a group.
|
| Similarity | Specify the similarity percentage that must be met by the alerts to be included
in a group. For example, entering 50 indicates that at least 50 percent of the
indicated value must appear in the alert for the alert to be included in the group.
Appears only when Fuzzy is selected as the Match Method value. Default value = 90 |