Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Time based alert grouping?

Andreas Astrom
Andreas Astrom January 21, 2020

Hi there,

we're currently using PagerDuty but I've started to look over the fence on Opsgenie. 

It looks feature rich but I can't find any resources on time based alert grouping. 

It's a very useful feature in PagerDuty which will group alerts that come in during a predefined time-window into one incident assuming that alerts that are triggered within the same time-window most lightly originate from the same problem. 

This works well for us since we've got quite a lot of monitoring going on in our Fibre Network and the time-based alert grouping will reduce the noise during bigger events.

Is there a way to achieve the same outcome with Opsgenie?

Thanks,

Andreas

Answer
Watch
Like Kate Clavet likes this
2332 views

1 answer

1 accepted

0 votes
Answer accepted
Nick H
Nick H
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 22, 2020

Hi Andreas,

Opsgenie does have alert correlation that acts in a similar fashion:

https://docs.opsgenie.com/v1.0/docs/correlate-alerts-with-incident-1

Essentially if you have an ongoing service disruption (with your Fibre Network), alerts can be associated to an incident during the window its open - and group to the 'same problem' as you mentioned:

https://docs.opsgenie.com/v1.0/docs/correlate-alerts-with-incident-1#section-associating-alerts-with-an-existing-incident

Additionally - the incident updates, timeline, post-mortem and reports can be created/exported to incorporate all the data tied to the service disruption: 

https://docs.opsgenie.com/v1.0/docs/incident-timeline

https://docs.opsgenie.com/v1.0/docs/postmortems

https://docs.opsgenie.com/v1.0/docs/post-incident-analysis-report

I know that's a lot of information and doc. sharing so please let us know if you have any additional follow up questions.

Best,

Nick

View More Comments
Andreas Astrom
Andreas Astrom January 22, 2020

Thanks for your reply Nick,

I did see that there's an alert correlation feature but I'm not sure that it works in the same way as the PagerDuty time based grouping feature. 

There are no matching rules going on when alerts are grouped together in an incident, the only common denominator is that they appear in the same time window, hence most lightly originating from the same event.

Has anyone implemented this behavior in Opsgenie?

Like
Nick H
Nick H
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 23, 2020

I'm personally not familiar with PD's time-based grouping feature, but within an Opsgenie service's incident rule - multiple matching rules (and/or conditions) can be defined to associate alerts into one incident. 

This does not have time-based functionality since it's all dependent on an ongoing incident, so the filter does need to be defined to match the alerts in order to associate them:

Fibre.jpg

Like # people like this
Andreas Astrom
Andreas Astrom January 27, 2020

Thank you that's helpful for my evaluation!

Like Nick H likes this
Nick H
Nick H
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 28, 2020

Welcome! Please let us know if you run into any other questions or issues. And if you decide to move forward with trialing Opsgenie, we offer an in-app live chat bubble that my team and I can help with.

Like
Amir Salar Makhzani
Amir Salar Makhzani June 24, 2021

Hi Nick, 

if I understand correctly the OG feature group multiple alerts into one Incident but we need to Group various Alerts into one , so it is not flooding our on-call staff with notifications. For example if we have a Fibre break , there are various alerst trigerred (OSPF, BGP, Interface, ....) which are obviously caused by same reason , which is the Fibre break. 

So we are looking to configure Opsgenie in a way that if there are more than for eample 3 alerts generated within 5 minutes, Opsgenei Group them into ONE SINGLE ALERT NOTIFICATION, and notify our engineer. Then the negineer can open that one notification and see all other alerts which are grouped. 

is it something currently built in, or you are planning to add as a feature?

Like Blaize Banevedes likes this
Reply

Suggest an answer

Log in or Sign up to answer
Opsgenie
Opsgenie
TAGS
AUG Leaders

Atlassian Community Events

    See all events