Preview Intelligent Alert Grouping
Preview how the Intelligent Alert Grouping algorithm would automatically group existing alerts
The Preview Intelligent Alert Grouping feature gives service owners an overview of how Intelligent Alert Grouping would have grouped historic alerts into incidents on their service. This information can help inform how Intelligent Alert Grouping will group future alerts, since automatically grouped alerts mean fewer overall incidents and interruptions for responders.
Availability
This feature is available with our PagerDuty AIOps add-on, or with Legacy Event Intelligence. If you would like to sign up for a trial of PagerDuty AIOps features, please read PagerDuty AIOps Trials.
View the Preview Intelligent Alert Grouping Feature
Services with interesting and meaningful previews tend to have a high volume of incidents with some variance in their incident titles.
You can find the Preview Intelligent Alert Grouping feature by selecting an appropriate service in the web app:
- Navigate to Services Service Directory select the name of your desired service.
- Select Settings tab in the Reduce Noise section Edit.
- With Intelligent selected, click Preview.
Select Intelligent Alert Grouping
Note
If you do not see Intelligent as an option and you would like a free trial of Intelligent Alert Grouping, please read PagerDuty AIOps Trials.
Preview Details
The preview modal provides a rich view of how alerts would have been grouped into incidents over a given period of time. Previews are generated once a day and are based on alerts from the past 45 days.
The preview indicates the number of incidents that would have triggered without alert grouping, and how many fewer incidents your team would have been notified for, had Intelligent Alert Grouping been enabled. The preview assumes a 5 minute time window unless a time window with a different duration has been set for that service.
You will see metrics at the top of the preview, which are all calculated based on:
- Alerts: The total number of alerts this service has seen within the past 45 days.
- Incidents: The total number of incidents within the past 45 days this service would have seen without turning on any alert grouping.
- Number of Unique Incidents: The number of incidents that would have been triggered within the past 45 days, if the service had Intelligent Alert Grouping turned on.
- Number of Incidents Saved: The number of incidents that would have been saved from a trigger within the past 45 days, if the service had Intelligent Alert Grouping turned on.
Preview Intelligent Alert Grouping
You can expand each potential alert group to see how many and which alerts would have been grouped together into a potential incident. The date and time listed reflect when the first incoming alert was triggered. Please note that the title of the potential incident is derived from the first incoming alert — read more about this in the Alerts article.
Some services may have a large number of alert groups in this list. We recommend looking at some of the larger groups to get a sense of the grouping algorithm’s behavior. To learn more about the grouping algorithm, please see Intelligent Alert Grouping.
FAQ
I just triggered an incident/alert, why is it not appearing in the preview?
Expand
Previews are not generated in real time — they are generated once a day. If you have new alert data that you’d like the preview to take into account, please check back in 24 hours to see if a preview has been regenerated.
When will the preview on my service be updated?
Expand
New previews are calculated once a day, provided there have been sufficient alerts in the last few months. If a preview is unavailable on your service, it could be because the Intelligent Alert Grouping algorithm doesn’t have enough data to generate a new preview.
Existing previews are only deleted when a new preview is available to replace it.
There are some alerts appearing under potential incidents that I wouldn’t want to be grouped together, how can I adjust these groups?
Expand
While the preview is static and cannot be changed directly, you can still provide feedback on the quality of the groups you see and this feedback will help the algorithm learn and create better groups.
To provide feedback on the groups, go to the original incident and assign the alert to another incident, or merge incidents together. For steps on how to do this, see Editing Incidents.
After moving alerts and/or merging incidents, your changes will not be immediately reflected in the current preview, however you may notice a difference in the next preview.
One of my services is set to create incidents only (not alerts). Can I still use alert grouping and preview intelligent alert grouping?
Expand
Alert grouping options are available only if the service has alerts and incidents enabled. As long as you are using integrations that support alerts, you can change your service settings to enable alerts and incidents. See Alerts for more information about enabling alerts on a service.
Why do I see fewer alert groups than expected?
Expand
The preview modal’s table displays alert groups that have two or more alerts. Furthermore, only the top 10 alert groups are displayed, sorted by alert count.
Updated 1 day ago