All Products
Search
Document Center

:Intelligent grouping and merging of alerts

Last Updated:Aug 29, 2023

Alerts that are duplicate, redundant, or relevant can be grouped and merged in custom mode or in intelligent mode. In custom mode, alerts are grouped and merged based on custom rules. In intelligent mode, alerts are grouped and merged based on intelligent algorithms. Simple Log Service sends only one alert notification for alerts in a merge set within a specified period of time. This helps denoise the alerts. This topic describes the principles and configurations of merging alerts in intelligent mode.

Principles

In intelligent mode, Simple Log Service groups and merges alerts by learning the similarities and relevance among alerts based on natural language processing (NLP) algorithms and the following attributes:

  • Alert Name

  • Alert Project

  • Alert Label

  • Alert Annotation

In custom mode, Simple Log Service groups and merges alerts based on built-in merge conditions or custom merge conditions. For more information, see Merge alerts.

Configurations

When you create an alert policy, turn on Intelligent Merge Mode to enable the intelligent grouping and merging feature. For more information, see Create an alert policy. The following table describes the parameters. Intelligent Merge Mode

Parameter

Description

Merge by

Configure the condition to merge alerts. Valid values: Full Text and Custom.

  • Full Text: Alerts are intelligently merged based on Alert Name, Alert Project, Alert Label: All, and Alert Annotation: All.

  • Custom: Alerts are intelligently merged based on the custom merge condition that you configure. You can specify Alert Name and Alert Project, and configure Alert Label and Alert Annotation based on your business requirements.

Action Policy

Select an action policy. For more information, see Create an action policy.

Group Wait

Specify the interval between the time when a merge set is created and the time when the first alert notification for the merge set is sent. During the interval, alerts are automatically merged based on intelligent algorithms. Then, an alert notification for the merge set is sent.

Repeat Interval

Specify the interval between two alert notifications for a merge set for which an alert notification has been sent.