# Alert Mappings

Alert notifications are ingested into the CloudFabrix AIOps platform from disparate monitoring tools, and each tool uses a different format with different alert attributes. The following attributes (among others) are generally important for any incoming alert.

* Alert Timestamp
* Alert Status
* Alert Severity
* Alert Source
* Alert Message

Below are three sample alert notification payloads from VMware vROps, Nagios and AppDynamics. As shown, the alert attributes are completely different from each other.

![](/files/-Ma_uCbhEL7BM_9CYaOx)

In the CloudFabrix AIOps platform, alert attributes coming from different monitoring tools must first be normalized to a common data model. Below is the list of attributes used in the alert mapping process. Every ingested alert goes through the alert mapping process, and its payload attributes are mapped to the standard attributes below.

{% hint style="info" %}
Not all of the attributes below must be mapped. Attributes flagged with **\*** are mandatory.
{% endhint %}

* **alertCategory:** An attribute that can be used to categorize the alert
* **alertType:** An attribute to classify the type of alert
* **assetId:** An attribute that can be used to identify the source of the alert (endpoint identity)
* **assetIpAddress:** An attribute that is used to identify the IP address of the endpoint
* **assetName\*:** An attribute that is used to identify the asset name of the endpoint (ex: Hostname / Devicename)
* **assetType:** An attribute that is used to identify the type of the asset or endpoint (ex: VM / Server / Storage / CPU / Memory etc.)
* **clearedAt\*:** Alert timestamp that is used to identify when the alert was cleared
* **componentId:** An attribute to associate a sub-component ID of an endpoint from which the alert was generated
* **componentName:** An attribute to associate a sub-component name of an endpoint from which the alert was generated
* **message\*:** Alert message that states the symptom or problem that caused the alert
* **raisedAt\*:** Alert timestamp that is used to identify when the alert occurred
* **severity\*:** Alert's severity (ex: Critical, Warning, Minor etc.)
* **status\*:** Alert's state (Open / Closed / Active / Recovered / Cancelled)
* **alertkey\*:** Alert's unique identifier, which is used to identify an incoming alert and to apply the alert de-duplication process. It can be taken from a single alert attribute or from a combination of the alert's attributes
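The mapping and de-duplication steps described above can be sketched as follows. This is an added example, not CloudFabrix code: the source names `toolA` and `toolB`, their payload field names, and the `|`-joined key format are assumptions made for illustration.

```python
# Added illustration: mappings, sources and payload field names are constructed.
MANDATORY = {"assetName", "clearedAt", "message", "raisedAt", "severity", "status", "alertkey"}

# Per-source mapping: standard attribute -> source payload field (hypothetical names).
# "alertkey" lists the standard attributes that are combined into the unique key.
MAPPINGS = {
    "toolA": {"assetName": "resourceName", "message": "info", "severity": "criticality",
              "status": "state", "raisedAt": "startDate", "clearedAt": "cancelDate",
              "alertkey": ["assetName", "message"]},
    "toolB": {"assetName": "host", "componentName": "service", "message": "output",
              "severity": "level", "status": "type", "raisedAt": "time",
              "clearedAt": "recovered", "alertkey": ["assetName", "componentName"]},
}

# Constructed sample payloads; the first two describe the same open alert.
SAMPLES = [
    ("toolA", {"resourceName": "web01", "info": "CPU high", "criticality": "CRITICAL",
               "state": "ACTIVE", "startDate": "2024-01-01T10:00:00Z"}),
    ("toolA", {"resourceName": "web01", "info": "CPU high", "criticality": "CRITICAL",
               "state": "ACTIVE", "startDate": "2024-01-01T10:05:00Z"}),
    ("toolB", {"host": "db01", "service": "disk", "output": "Disk 95% full",
               "level": "WARNING", "type": "PROBLEM", "time": "2024-01-01T10:01:00Z"}),
]

def validate_mapping(mapping):
    """Return the mandatory standard attributes the mapping does not cover."""
    return sorted(MANDATORY - set(mapping))

def normalize(source, payload):
    """Map one raw payload onto the standard attributes and build its alertkey."""
    mapping = MAPPINGS[source]
    if validate_mapping(mapping):
        raise ValueError(f"{source}: unmapped mandatory attributes {validate_mapping(mapping)}")
    alert = {a: payload.get(f) for a, f in mapping.items() if a != "alertkey"}
    parts = [alert.get(a) for a in mapping["alertkey"]]
    if any(p is None for p in parts):  # refuse to build a partial key
        raise ValueError(f"{source}: alertkey attributes missing from payload")
    alert["alertkey"] = "|".join(map(str, parts))
    return alert

def deduplicate(alerts):
    """Group alerts by alertkey: keep the most recent one and count occurrences."""
    merged = {}
    for alert in alerts:
        entry = merged.setdefault(alert["alertkey"], {"count": 0})
        entry.update(alert=alert, count=entry["count"] + 1)
    return merged
```

Rejecting a payload whose key attributes are missing, rather than building a partial key, keeps unrelated alerts from collapsing into one entry during de-duplication.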

**Alert ingestion with alert mapping process (normalization) data flow:**

![](/files/-Ma_xcK3S8WFroJK5xRK)

