Create Ignore automation

  • Release version: Zurich
  • Updated July 31, 2025
  • 3 minutes to read

    • Ignore automation streamlines the process of disregarding irrelevant or false-positive alerts from monitoring systems, efficiently managing alert fatigue by filtering out unnecessary notifications. This allows teams to focus on critical issues.

    Before you begin

    Role required: evt_mgmt_admin, evt_team_operator, or srm_responder

    About this task

    Ignore automations filter out alerts from source monitoring systems that match specific conditions. Separately, Event Management ignores alerts that have a duplicated message key field or where the severity is Clear.

    For users familiar with the classic Event Management experience, ignore automations provide a simpler interface with enhanced team support for the event filter section of event rules.

    Note:
    Ignoring alerts before enriching them improves performance and simplifies the processing flow. The condition filter in ignore automations applies only to the original event, not the enriched one. Enrich automations can prevent ignore automations from running when Don't run other enrich alert automations is set to false, they apply to the same source, have a lower order, and match the filter conditions. To avoid conflicts, it is best to consider this when creating enrichments or event rules.

    Procedure

    1. Navigate to Workspaces > Service Operations Workspace.
    2. From the bottom of the navigation pane, select the AIOps configuration center icon ITOM AIOps configuration center icon.
      The ITOM AIOps configuration center page appears. The configuration center is a centralized workspace. Use it to configure and manage AIOps features from a single place.
    3. On the ITOM AIOps configuration center page, under the Optimize section, select Ignore alerts
      The Ignore alerts page is displayed.
      Figure 1. Alert automation page
      Alert automations page with option to create automation to enrich, group, or escalate and notify.
    4. Select Create automation.
      Ignore automation creation page
    5. In the Automation name field, enter the name of the automation for ignoring alerts.
    6. Activate the automation by enabling the Active toggle switch.
    7. In the If these conditions are met, don't add an alert in ServiceNow section, set up filter criteria to identify the events you want to capture.
      1. From the Assignment group field menu, select the assignment group to determine which team’s alerts will trigger the automation.

        The Assignment group represents a specific team responsible for handling certain alerts. By selecting an assignment group, you ensure that only the alerts assigned to that particular team will trigger the automation. This way, the automation is targeted and only activates for relevant alerts associated with the selected team.

        Note:
        • If you’re logged in to the instance with an administrator role (evt_mgmt_admin), all of the assignment groups are available. Additionally, you can select All groups to enable generating alerts for any of the available groups.
        • If you’re an operator, only the group you’re a part of is available.
        • Only members of the selected group or administrators can update or delete the automation.
      2. From the Source field menu, select the monitoring tool from where the alert is generated.
      3. Set up the conditions by selecting the field, operator, and field value. Then, add more conditions using OR or AND operators.

        To add another set of conditions, select + New condition set. You can also manually add an additional info field if you don’t see it in the drop-down list.

    8. To verify that you are ignoring the correct events or to see examples of fields that can be used to set the conditions, select Load past events.
      You can preview the details of some past events.
    9. In the Automation details section, provide an order and automation description.
      Ignore automation details section.
      1. In the Order field, enter the automation order.
        Note:
        Automations run in order from the lowest to the highest.

        The Automation is managed by field displays the team or assignment group who owns, edits, and can delete this automation. The assignment group is the same as the one defined in the If these conditions are met section.

      2. In the Automation description field, enter a brief description of the automation.
    10. Select Save automation.
      A notification appears when the automation is successfully saved. Otherwise, an error message is displayed. The ignore automation that you created appears on the Ignore alerts page where you can view, edit, or delete the existing automation.

    What to do next

    You can transform raw events into an understandable format by creating Create Enrich automation.