Exclude patterns from learned patterns

  • リリースバージョン: Australia
  • 更新日 2026年03月12日
  • 所要時間:2分

    • Exclude CI-based or CI class-based alerts and patterns when you encounter alerts incorrectly added to a learned pattern by the Learned Patterns job. For example, a pattern might include an alert that occurred at the same time as other alerts but is not actually related to them. This maintains accuracy, ensuring better alert groupings and improved management efficiency.

    始める前に

    Role required: evt_mgmt_admin

    このタスクについて

    You select the incorrect alert in a pattern to exclude the entire pattern to which it belongs.
    注:
    When you exclude an incorrect alert, any other patterns containing that alert are also excluded.

    手順

    1. Navigate to All > Event Management > Reporting > Learned Patterns.
      Exclude pattern navigation
    2. On the Learned Patterns page, expand the anomalous pattern.
      Expanded patterns
    3. Select the pattern name to open it for exclusion.
    4. On the SA Alert Aggregation Learned Pattern page, select Exclude.
      Option to exclude the selected pattern

    タスクの結果

    The entire pattern is removed from the Learned Patterns report and listed on the Excluded Patterns page, located at Event Management > Administration > Excluded patterns.

    If the pattern includes other alerts, you can restore it by reclaiming those alerts as a learned pattern. For further details, see Restore excluded patterns.