Hi,
Users will only be notified on responder alerts on priority P2 or P1. For P1 and P2 alerts an incident will be created (Associate, Owner and Responder).
Global Policies:
1. Decrease the priority of specific events from P2 to P3, some events have a too high priority
2. Next Global Policy assigns each alert to a specific team based on a unique identifier
Each team has a service which creates an incident on P1 and P2 and routes the alert to the on-call team.
This works perfectly fine if the priority is P1 or P2 from the very beginning.
Now, if the priority is lowered from P2 to P3 by the first Global Policy, things behave different.
1. Prio is decreased to P3 (OK)
2. The alert is assigned to the according team (OK)
3. Prio is increased (e.g. manually) from P3 to P2
This should create an incident and notify on-call team via the responder alert shouldn't it? Somehow the alert is not rerouted into the team routing rules even though the log says
Jul 23 9:28 AM system System
Alert matched to an incident rule of service [cbad14f8-5d82-4b44-9747-b46417d511d2]. Will not send notifications.
Jul 23 9:28 AM alertAction System
Alert priority has been updated to P2 via Jira[MonitPrj-Incoming as Task Major] with incomingDataId[41b8836b-3a04-49ca-a3bd-3b3dc1d79b61] using policy/policies[ArzInn 2] (Previous priority was P3). Will stop ongoing escalations and notification rule steps, and restart the notification flow as if the alert is newly created now.
But instead no incident is created. Anyone else seen this behavior or am I missing something?
Best regards,
Marcel
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.