Hi folks,
I have this customer that receives alerts for one log file input, and he is receiving 4 incidents that look the same in a 5-10 minutes window. Of course, the first one is important, but the rest of them is just noise, as he is already handling the issue. How can we receive only the first one and "ignore" the rest of them? Here's a screenshot for reference.
Hi Joanne,
Opsgenie has a feature called alert deduplication which, instead of creating new alerts, increases the count of an open 'matching' alert. This feature was designed to reduce alert noise.
It works by using the "alias" field in the alert. Any alert payload that reaches Opsgenie where the alias field matches an alert that is already open, it will increase the count of that open alert rather an opening a new alert. Notifications are not sent out when an alert count is increased.
To use this feature, you will want to navigate to the integration that created that alert and set the alias field to a dynamic value that will cause deduplication for alerts that have some matching criteria.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.