Alert correlation and fine tuning to reduce the no...

nvnbsibm · ‎03-02-2021

Hi,

We have implemented service now Integration with APPDynamics with service and we see lot of noise for the alert that are getting generated and we want to fine tune it and is there any best practices for the same which talks about correlation and finetuning to reduce the same

Mark_Byrne · ‎03-02-2021

Hiya,

What are your trigger conditions for the rule? Are they a simple count, or deviation from baseline? If so, you could try setting the rule to look for multiple occurrences in the last 30 minutes.

We've found this can substantially reduce the violations created by single spikes.

The process I go through for this is to look at each event, examine the data points in the metric browser that caused the event to trigger, and determine whether it was a true or false positive. From there I try to figure out a rule that wouldn't be triggered by the false positive. It can be a very iterative process....

Mark

iamryan · ‎03-02-2021

Hi @V N Bhavanishankar.N,

We have a Knowledge base article, How do I use AppDynamics with ServiceNow?

Please check it out and let me know if it helped! If you learn anything, please do share those learnings back as a reply to this post. Knowledge sharing is what drives this community forward.

Alert correlation and fine tuning to reduce the noise

Controller

Licensing

User Management

Buttercup Games: Further Dashboarding Techniques (Part 6)

Technical Workshop Series: Splunk Data Management and SPL2 | Register here!

Splunk Observability Synthetic Monitoring - Resolved Incident on Detector Alerts