Skip to content

Alert Aggregation Notification Template

Title

You have {N} {{level}} alert notifications

Content

No Aggregation

You have N new TrueWatch alerts

1 / 2:

Title

Content

Go to Workspace to View

Go to Workspace for AI Analysis

2 / 2:

Title

Content

Go to Workspace to View

Go to Workspace for AI Analysis

  • Go to Workspace to View: Jump to the Incident Explorer to view the current incident (filter condition: df_event_id)

Illustration:

Rule Aggregation

All

Related Incidents: 123

Aggregation Period: 2023/11/20 10:00 ~ 2023/11/20 10:05

Related Detection Rules:

  • {{Incident Title}} >>View
  • View: Jump to the Explorer to view all incidents generated by the current monitor during the aggregation period (filter condition: df_monitor_checker_id)

Illustration:

Detection Rule - Monitor

Detection Type: Monitor

Detection Rule Name: {{Host}} CPU exceeds {Result}%

Detection Rule ID: rule_cdbkjcbsdjcb1234445455

Related Incidents: 123

Aggregation Period: 2023/11/20 10:00 ~ 2023/11/20 10:05

Go to Workspace to View

Go to Workspace for AI Analysis

  • Jump to the Explorer to view incidents related to the current monitor (filter condition: df_monitor_checker_id)

Illustration:

Detection Rule - Intelligent Inspection

Detection Type: Intelligent Inspection

Detection Rule Name: {{Host}} CPU exceeds {Result}%

Detection Rule ID: rule_cdbkjcbsdjcb1234445455

Related Incidents: 123

Aggregation Period: 2023/11/20 10:00 ~ 2023/11/20 10:05

Go to Workspace to View

Go to Workspace for AI Analysis

  • Jump to the Explorer to view incidents related to the current Intelligent Inspection rule (filter condition: df_monitor_checker_id)

Illustration:

Detection Rule - SLO

Detection Type: SLO

Detection Rule Name: {{Host}} CPU exceeds {Result}%

Detection Rule ID: rule_cdbkjcbsdjcb1234445455

Related Incidents: 123

Aggregation Period: 2023/11/20 10:00 ~ 2023/11/20 10:05

Go to Workspace to View

Go to Workspace for AI Analysis

  • Jump to the Explorer to view incidents related to the current SLO (filter condition: df_monitor_checker_id)

Illustration:

Detection Dimension

Detection Dimension: service:kodo,host:test

Related Incidents: 123

Aggregation Period: 2023/11/20 10:00 ~ 2023/11/20 10:05

Related Detection Rules:

  • {{Incident Title}} >>View

Tags

Tags: service:kodo,host:test

Related Incidents: 123

Aggregation Period: 2023/11/20 10:00 ~ 2023/11/20 10:05

Related Detection Rules:

  • {{Incident Title}} >>View
  • Jump to the Explorer to view incidents related to the current detection rule (filter condition: df_monitor_checker_id)

Illustration:

Intelligent Aggregation

Title Clustering

Title: {{Host}} CPU exceeds {Result}%

Related Incidents: 123

Aggregation Period: 2023/11/20 10:00 ~ 2023/11/20 10:05

Related Detection Rules:

  • {{Incident Title}} >>View
  • Jump to the Explorer to view all incidents generated by the current detection rule during the aggregation period (filter condition: df_monitor_checker_id)

Illustration:

Content Clustering

Title: {{Host}} CPU exceeds {Result}%

Related Incidents: 123

Aggregation Period: 2023/11/20 10:00 ~ 2023/11/20 10:05

Related Detection Rules:

  • {{Incident Title}} >>View
  • Jump to the Explorer to view all incidents generated by the current detection rule during the aggregation period (filter condition: df_monitor_checker_id)

Illustration:

AI Aggregation

Title: title: Summary of this alert.

Suggestion: suggestion: Recommendations for handling the current alert.

{xxx related} Alert Aggregation: "summary": "Multiple hosts have CPU and memory anomalies, with the highest anomaly value being 98% (host 172.16.200.108). Host 1

Related Detection Rules: df_monitor_checker_ids: Involved monitors (rule IDs).

{xxx related} Alert Aggregation: "summary": "Multiple hosts have CPU and memory anomalies, with the highest anomaly value being 98% (host 172.16.200.108). Host 1

Related Detection Rules: df_monitor_checker_ids: Involved monitors (rule IDs).

Example:

Title: During the aggregation period, 3 monitors triggered alert incidents, generating 19 alert notifications.

Suggestion: Prioritize handling high-frequency alert hosts. Host 172.16.200.101 involves CPU anomalies, memory anomalies, and communication issues, requiring comprehensive inspection. Check alert correlations, as multiple monitors (rule IDs) involve host resources (CPU, memory) and module communications, possibly indicating a systemic issue. Optimize monitoring strategies to reduce repeated alerts in a short time, combining time windows for alert noise reduction.

Host-related Alert Aggregation: Multiple hosts have CPU and memory anomalies, with the highest anomaly value being 98% (host 172.16.200.108). Host 172.16.200.101 simultaneously triggers CPU and memory alerts, requiring focused inspection.

Related Detection Rules: title View("rul_e68e2d5e620b40c691128a399de3f479")

Application-related Alert Aggregation: Multiple hosts have CPU and memory anomalies, with the highest anomaly value being 98% (host 172.16.200.108). Host 172.16.200.101 simultaneously triggers CPU and memory alerts, requiring focused inspection.

Related Detection Rules: title View("rul_e68e2d5e620b40c691128a399de3f479")

Illustration: