Alert Groups

An alert group is a grouping of related and redundant alerts. Every alert group also has a corresponding incident (starting with CFXINC), which is routed to ITSM systems as well as to the Incident room module. Reviewing active alert groups helps you understand the list of correlations that the system has performed. The Alert Groups list provides information about the alert group incident, its severity, when it was created, how many alert messages are in that group, and which correlation policy was used to create that message.

Reviewing Alert Groups

Alert Group Dashboard

An alert group instance indicates a group of related alerts that were correlated based on a correlation policy. The alert group dashboard provides details about:

  • severity of the alert group

  • correlation policy

  • number of alerts in the group

  • number of assets impacted by the group

  • list of alerts in the group