Event Management tag based alert clustering tag form

  • Release version: Washingtondc
  • Updated February 1, 2024
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Event Management Tag Based Alert Clustering Tag Form

    The Event Management tag based alert clustering tag form allows IT Operations Management customers to create or modify tags that cluster alerts based on specific criteria. This facilitates better organization and management of alerts, enhancing operational efficiency.

    Show full answer Show less

    Key Features

    • Name: Unique identifier for the clustering tag, defaulting to a description of the configured tag after saving.
    • Customized Name: Option to customize the tag name, which is enabled by checking a box.
    • Description: Optional field to provide additional context about the tag.
    • Source: Select the source for field matching, including options like Alert Field, Alert CI, or Alert additional info.
    • Selected Field: Indicates which field must match for alerts to be grouped.
    • Match Method: Choose from Exact, Fuzzy, or Pattern matching to define how alerts are grouped.
    • Similarity: Specify the percentage of similarity required for grouping when Fuzzy matching is selected.

    Key Outcomes

    Utilizing the tag based alert clustering tag form enables ServiceNow customers to effectively group alerts based on defined criteria, improving the clarity and response to incidents. This structured approach to alert management aids in prioritizing responses based on the nature of alerts, ultimately enhancing IT service operations.

    The form for creating or modifying a tag based alert clustering tag displays detailed information about the tag.

    Table 1. Tag based alert clustering tag form
    Field Description
    Name Name of the clustering tag. Defaults to a description of the configured tag (such as, Exact match on Alert Field "metric name").

    The default name is visible only after saving the tag.

    Tag names must be unique.
    Customized name Select the check box to customize the value in the Name field.
    Domain The domain in which the current record was created. Read-only.
    Description Enter an optional description of the tag.
    Source Select the source from which to choose the field to be matched.
    • Alert field
    • Alert additional info
    • Alert CI
    • Alert CI key
    • Alert tags

    If you select Alert additional info, choose an Additional Info Key instead of a field.
    Selected field Indicate the field that has to match between alerts for the alerts to be included in a group.

    Appears when you select Alert Field or Alert CI in the Source field.
    Key Indicate the Key that has to match between alerts for the alerts to be included in a group.

    Appears when you select Alert additional info in the Source field, or appears when you select Alert tags in the Source field.

    When Alert additional info is selected, enter the name of one of the fields in the additional info field.

    When Alert tags is selected, enter the name of the relevant alert tag.
    CMDB key Indicate the CMDB key to match for the alerts to be included in a group.

    Appears when you select Alert CI Key in the Source field.
    Match method Select the type of match required for the alerts to be included in a group.
    • Exact: Indicates that the field value must be an exact match for the alert to be included in a group.

      For example, you can configure an alert clustering tag indicating that the alert's Metric name field must be an exact match to form a group. When invoking that tag, all alerts with identical values in the Metric name field are included in the same group.

    • Fuzzy: Indicates that the field value needs to be an approximate match (depending on the value configured in the Similarity field) for the alert to be included in a group.
    • Pattern: Indicates that the field value needs to follow the pattern in the Pattern field. For correct syntax and usage examples, see Pattern matching.
    Similarity Specify the similarity percentage that must be met by the alerts to be included in a group. For example, entering 50 indicates that at least 50 percent of the indicated value must appear in the alert for the alert to be included in the group.

    Appears only when Fuzzy is selected as the Match Method value.

    Default value = 90