Alert Aggregation Notification Template
Title
You have {N} {{severity}} alert notifications
Content
Not Aggregated
You have N new Guance alerts
Item 1 / 2:
Title
Content
Go to workspace to view
Go to workspace for AI analysis
Item 2 / 2:
Title
Content
Go to workspace to view
Go to workspace for AI analysis
- Go to workspace to view: navigate to the Incident Explorer to view the current incident (filter condition: df_event_id)
Rule Aggregation
All
Related incidents: 123
Aggregation period: 2023/11/20 10:00 ~ 2023/11/20 10:05
Associated detection rules:
- {{event title}} >>View
- View: navigate to the Explorer to view all incidents generated by the current monitor within the aggregation period (filter condition: df_monitor_checker_id)
Detection Rule - Monitor
Detection type: Monitor
Detection rule name: {{Host}} CPU exceeded {Result}%
Detection rule ID: rule_cdbkjcbsdjcb1234445455
Related incidents: 123
Aggregation period: 2023/11/20 10:00 ~ 2023/11/20 10:05
Go to workspace to view
Go to workspace for AI analysis
- Navigate to the Explorer to view associated incidents of the current monitor (filter condition: df_monitor_checker_id)
Detection Rule - Intelligent Inspection
Detection type: Intelligent Inspection
Detection rule name: {{Host}} CPU exceeded {Result}%
Detection rule ID: rule_cdbkjcbsdjcb1234445455
Related incidents: 123
Aggregation period: 2023/11/20 10:00 ~ 2023/11/20 10:05
Go to workspace to view
Go to workspace for AI analysis
- Navigate to the Explorer to view associated incidents of the current intelligent inspection rule (filter condition: df_monitor_checker_id)
Detection Rule - SLO
Detection type: SLO
Detection rule name: {{Host}} CPU exceeded {Result}%
Detection rule ID: rule_cdbkjcbsdjcb1234445455
Related incidents: 123
Aggregation period: 2023/11/20 10:00 ~ 2023/11/20 10:05
Go to workspace to view
Go to workspace for AI analysis
- Navigate to the Explorer to view associated incidents of the current SLO rule (filter condition: df_monitor_checker_id)
Detection Dimension
Detection dimension: service:kodo,host:test
Related incidents: 123
Aggregation period: 2023/11/20 10:00 ~ 2023/11/20 10:05
Associated detection rules:
- {{event title}} >>View
Tags
Tags: service:kodo,host:test
Related incidents: 123
Aggregation period: 2023/11/20 10:00 ~ 2023/11/20 10:05
Associated detection rules:
- {{event title}} >>View
- Navigate to the Explorer to view associated incidents of the current detection rule (filter condition: df_monitor_checker_id)
Intelligent Aggregation
Title Clustering
Title: {{Host}} CPU exceeded {Result}%
Related incidents: 123
Aggregation period: 2023/11/20 10:00 ~ 2023/11/20 10:05
Associated detection rules:
- {{event title}} >>View
- Navigate to the Explorer to view all incidents generated by the current detection rule during the aggregation period (filter condition: df_monitor_checker_id)
Content Clustering
Title: {{Host}} CPU exceeded {Result}%
Related incidents: 123
Aggregation period: 2023/11/20 10:00 ~ 2023/11/20 10:05
Associated detection rules:
- {{event title}} >>View
- Navigate to the Explorer to view all incidents generated by the current detection rule during the aggregation period (filter condition: df_monitor_checker_id)
AI Aggregation
Title: title: Brief summary of this alert.
Action suggestion: suggestion: Suggestions for handling the current alert.
{xxx related} alert clustering: "summary": "Multiple hosts show CPU and memory anomalies, with a maximum anomaly value of 98% (host 172.16.200.108). Host 1
Associated detection rules: df_monitor_checker_ids: Involved monitors (rule IDs).
{xxx related} alert clustering: "summary": "Multiple hosts show CPU and memory anomalies, with a maximum anomaly value of 98% (host 172.16.200.108). Host 1
Associated detection rules: df_monitor_checker_ids: Involved monitors (rule IDs).
Example:
Title: During the aggregation period, a total of 3 monitors triggered alert events, generating 19 alert notifications.
Action suggestion: Prioritize high-frequency alert hosts. Host 172.16.200.101 involves CPU anomalies, memory anomalies, and communication issues and requires comprehensive inspection. Check alert correlations; multiple monitors (rule IDs) involve host resources (CPU, memory), and module communications may indicate systematic issues. Optimize monitoring strategies to reduce repeated alerts triggered within short periods, combining time windows for alert noise reduction processing.
Host-related alert clustering: Multiple hosts show CPU and memory anomalies, with a maximum anomaly value of 98% (host 172.16.200.108). Host 172.16.200.101 simultaneously triggered CPU and memory alerts and needs focused inspection.
Associated detection rules: title view ("rul_e68e2d5e620b40c691128a399de3f479")
Application-related alert clustering: Multiple hosts show CPU and memory anomalies, with a maximum anomaly value of 98% (host 172.16.200.108). Host 172.16.200.101 simultaneously triggered CPU and memory alerts and needs focused inspection.
Associated detection rules: title view ("rul_e68e2d5e620b40c691128a399de3f479")