Viewing an alert group analysis by Now Assist in Express List

  • Release version: Xanadu
  • Updated August 1, 2024

    View an analysis of alert groups in Express List, generated by ServiceNow® Now Assist using AI. The analysis helps you better understand the nature of the alert group, why the alerts in the group were correlated, and how to proceed in the remediation process.

    The AI-driven alert group analysis offers a simplified, human-readable description of the group and technical information to help you investigate it more efficiently. The information provided is based on descriptions and Configuration Item (CI) details relating to the individual alerts in the group. Alert group analysis is supported for the following alert group types:

    Tag-based alert groups
    Tags help categorize alerts based on common attributes, such as impacted systems or services. Alerts in tag-based alert groups share certain tags, indicating similarities in the issues. The alert analysis for these groups presents the shared tags that were used to correlate the alerts in the group. It also provides insights into why these alerts were grouped. In addition, the analysis offers suggestions for a course of action based on the similarities between the tags.
    CMDB alert groups
    When an alert is created on a CI in the Configuration Management Database (CMDB), Event Management looks for alerts on other CIs that are closely related to it in the CMDB topology. A close topological relationship between CIs suggests an interdependence between components in the IT infrastructure and contributes to alert correlation. When a relationship between CIs is found, a CMDB alert group is formed. The alert analysis for CMDB alert groups explains the nature of the group, why it was formed, and the relationships between the CIs. It also provides technical information to help you decide which alerts to concentrate your investigation on.
    Log Analytics alert groups
    When Event Management identifies multiple Log Analytics alerts that are related in important ways, it groups them into a Log Analytics group. The system generates a Log Analytics group when the Log Analytics alerts share one or more relationships related to time, metadata, message text, and trend. The alert analysis for Log Analytics alert groups is based on the analysis of anomaly information provided by Health Log Analytics, and on the descriptions, CIs, and tags of the alerts in the group.