Activate network traffic-based alert grouping to automatically correlate and reduce alert noise by grouping related events based on network traffic patterns. This helps improve efficiency in alert response and streamlines alert management.

Antes de Iniciar

Ensure the Service Mapping Plus application (sn_sm_scoped_app) is installed.

Role required: evt_mgmt_admin

Por Que e Quando Desempenhar Esta Tarefa

Procedimento

1. Navigate to All > Event Management > Administration > Alert Correlation Properties.
2. Ensure that the property Enable Network Traffic correlation (sa_analytics.agg.query_network_traffic_correlation_enabled) is selected.