Splunk AppDynamics

Alert correlation and fine tuning to reduce the noise

nvnbsibm
New Member

Hi,

We have implemented ServiceNow integration with AppDynamics with service, and we see a lot of noise from the alerts that are getting generated. We want to fine-tune it. Are there any best practices for this that cover correlation and fine-tuning to reduce the noise?


Mark_Byrne
Path Finder

Hiya,

What are your trigger conditions for the rule? Are they a simple count, or deviation from baseline? If so, you could try setting the rule to look for multiple occurrences in the last 30 minutes.

We've found this can substantially reduce the violations created by single spikes.

The process I go through for this is to look at each event, examine the data points in the metric browser that caused the event to trigger, and determine whether it was a true or false positive. From there I try to figure out a rule that wouldn't be triggered by the false positive. It can be a very iterative process....

Mark
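The "multiple occurrences in the last 30 minutes" approach from the reply above, as an added example that is not part of the original thread and is not AppDynamics configuration: generic Python comparing a single-sample threshold rule with a persistence rule over constructed per-minute data. The threshold, window length, hit count and function names are assumptions chosen for illustration.

```python
from collections import deque

def single_sample_violations(series, threshold):
    """Rule A: open a violation on every sample above the threshold."""
    return [t for t, v in series if v > threshold]

def persistent_violations(series, threshold, window_min=30, min_hits=3):
    """Rule B: open a violation only when at least `min_hits` samples within
    the trailing `window_min` minutes exceed the threshold. One violation is
    reported per episode; the rule re-arms once the window has emptied."""
    hits = deque()      # timestamps (minutes) of recent breaching samples
    active = False
    opened = []
    for t, v in series:
        while hits and hits[0] <= t - window_min:
            hits.popleft()
        if v > threshold:
            hits.append(t)
        if not active and len(hits) >= min_hits:
            active = True
            opened.append(t)
        elif active and not hits:
            active = False
    return opened

def constructed_series():
    """Constructed sample: 4 hours of per-minute response times (ms) with
    three isolated one-minute spikes and one sustained 10-minute slowdown."""
    series = []
    for t in range(240):
        v = 200
        if t in (15, 70, 200):        # isolated spikes (false positives)
            v = 900
        if 120 <= t < 130:            # sustained slowdown (true positive)
            v = 850
        series.append((t, v))
    return series

if __name__ == "__main__":
    data = constructed_series()
    a = single_sample_violations(data, threshold=500)
    b = persistent_violations(data, threshold=500)
    print(f"single-sample rule: {len(a)} violations at minutes {a}")
    print(f"3-in-30-minutes rule: {len(b)} violation(s) at minutes {b}")
```

Replaying exported metric data through both rules in this way supports the iterative true/false-positive review described above before a rule change goes live.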

iamryan
Community Manager

Hi @V N Bhavanishankar.N,

We have a Knowledge base article, How do I use AppDynamics with ServiceNow? 

Please check it out and let me know if it helped! If you learn anything, please do share those learnings back as a reply to this post. Knowledge sharing is what drives this community forward. 
