Alert group indicates a grouping of relatable and redundant alerts. Every alert group also has a corresponding incident (that start with CFXINC), which will be routed to ITSM systems as well as to Incident room module. Reviewing active Alert Groups will help understand list of correlations that the system has performed. Alert Groups list will provide information about alert group incident, severity, when it was created, how many alert messages are in that group and which correlation policy was used to create that message.
An alert group instance indicates a group of related alerts that were correlated based based on a correlation policy. Alert group dashboard provides details about
severity of the alert group
number of alerts in the group
number of assets impacted by the group
list of alerts in the group