Event and Alert dashboard

  • Release version: Xanadu
  • Updated August 1, 2024
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Event and Alert Dashboard

    The Event and Alert dashboard leverages Performance Analytics to deliver real-time insights into events and alerts within Event Management. It focuses on essential metrics such as noise reduction, alert grouping coverage, and identifies the most affected configuration items (CIs). To utilize historical data, run the [PA EM] Historic Data Collection job from the Performance Analytics Data Collector.

    Show full answer Show less

    Key Features

    • Access and Permissions: Users with roles evtmgmtadmin or admin can edit the dashboard and manage permissions, while evtmgmtoperator or admin can view the dashboard and track events and alerts.
    • Breakdowns: The dashboard provides various graphical representations, including:
      • Noise Reduction: Line graph showing the compression rate from events to alerts.
      • Alerts Grouping Coverage: Line graph depicting the percentage of alerts aggregated into grouped alerts.
      • Incident Compression Rate: Line graph indicating the percentage of alerts not resulting in incidents.
      • Top Alert Sources: Bar chart displaying the number of alerts per source categorized by severity.
      • Most Impacted Configuration Items: Highlights CIs with the most alerts, including details like classification and ownership, aiding in targeted incident resolution.

    Key Outcomes

    By utilizing the Event and Alert dashboard, ServiceNow customers can effectively monitor and manage their event management processes. It enables teams to visualize trends and outcomes, prioritize critical issues based on impact, and enhance overall system stability and performance through informed decision-making.

    The Event and Alert dashboard uses Performance Analytics to provide real-time visibility into events and alerts in Event Management, showcasing key trends, outcomes, and the most impacted configuration items. It highlights metrics such as noise reduction, alert grouping coverage, and top alert sources.

    Events and Alerts dashboard.

    Run the [PA EM] Historic Data Collection job once to enable the partial collection of historical Event Management data:
    1. Navigate to All > Performance Analytics > Data Collector > Jobs.
    2. Select [PA EM] Historic Data Collection.
    3. Select Execute Now.

    Prerequisites

    Ensure that the Event Management application is installed.

    Required ServiceNow AI Platform roles

    • evt_mgmt_admin
    • evt_mgmt_operator

    Access the Events and alerts dashboard

    To open the dashboard, use one of the following methods:
    • Navigate to All > AIOps Dashboards > AIOps Operational > Events and Alerts.
    • Navigate to Workspaces > Service Operations Workspace and select the AIOps Dashboards icon (AIOps Dashboards icon.).

      By default, the Events and Alerts tab is selected.

    Use cases

    For examples of how different people in your organization would use this dashboard, see these use cases.
    User Dashboard use
    evt_mgmt_admin or admin Edit the dashboard and grant view and share permissions.
    evt_mgmt_operator or admin View the dashboard and details of the records contained in it to visualize and track events, alerts, trends, outcomes, and the most impacted Configuration Items in your organization.

    Breakdowns

    Breakdowns available in the Event and Alert dashboard are:

    • Trends
    • Outcomes

    Reports

    Title Type Description
    Noise reduction (events to alerts compression) Line graph The compression rate from events to alert creation. The higher the number, the fewer alerts are being created.
    Alerts grouping coverage Line graph The percentage of alerts aggregated into grouped alerts over time.
    Incident compression rate

    Line graph

    The percentage of alerts that did not result in incident creation. A higher percentage means more alerts were resolved without generating incidents.
    Top 20 alert sources (last 7 days) Bar chart The number of alerts per source categorized by severity over the last 7 days.
    Top 20 event sources (last 5 days) Bar chart The number of events per source categorized by severity over the last 5 days.
    Alerts without CI (created on last 7 days) Line graph The number of alerts without CI binding created over the last 7 days.
    Alerts grouping (last 7 days) Bar chart The distribution of grouped alerts over the last 7 days.

    Most impacted Configuration Items

    The Most Impacted Configuration Items section of the Event and Alert dashboard provides a comprehensive overview of the configuration items (CIs) that are most impacted by the issue. This section lists key details such as the name of each CI, the number of associated alerts, their classification (such as application service), and location. Additionally, it identifies the owner and support group responsible for each CI, facilitating targeted and efficient incident resolution. By highlighting the most impacted CIs, this section helps prioritize critical assets and resources, ensuring that the most significant issues are addressed promptly to maintain system stability and performance.