Thank you for your feedback.
Form temporarily unavailable. Please try again or contact docfeedback@servicenow.com to submit your comments.

Alert group types

Log in to subscribe to topics and get notified when content changes.

Alert group types

Alerts are correlated, or grouped, either automatically or manually into (R)ule-based, (A)utomated, (M)anual, or (C)MDB alert groups. Grouping alerts enables you to narrow down problems by focusing on the primary alerts in the correlated group.

You can learn about Event Management grouping of alerts from this video tutorial:

When evaluating incoming alerts to form alert groups, the types of group that alerts might potentially belong to, are considered in the following order. After an alert becomes part of a group, it is not available for any other group.
  1. Rule-based
  2. Manual
  3. Automated
  4. CMDB

You can view all alert groups by navigating to Event Management > Alert Insight Alert Intelligence.

The icon in the Group column denotes the alert group type. Alerts that do not have an entry in the Group column are not correlated with any group.

At any given time, an alert can only belong to a single alert group.

Note: The filter that defines Alert Groups should not be on fields that do not appear in the em_alert_history table because impact calculation is not calculated properly. This situation occurs because fields like Event Count, Priority, and Priority Group are not copied to the em_alert_history table for impact calculation.
Table 1. Alert group types
Type Icon Description More information
Rule-based R Related alerts that have been grouped according to compliance with alert correlation rules. Alert correlation rules are used to group alerts that are related. Create an alert correlation rule
Automated A Automated groups are:
  • Groups that are aggregated automatically by alert aggregation and RCA. A virtual alert is added to the group as the primary alert of the group.
  • The Aggregated type of automated group is formed when two or more alerts have the same CI type and metric name.
Automated alert groups
Manual M Alerts that have been manually grouped. Create a manual alert group
CMDB C Based on CI relationships in the CMDB, for CIs without historical data that could have been used to group alerts. CMDB alert groups
Double-click the Group column for an alert group to open its Grouped Alerts dialog box, where you can:
Feedback