Alert Correlation
The Alert Correlation dashboard gives you insights into the impact of correlation on your business operation.
Limited Availability
This feature is available in a limited release. If you are interested in enabling this functionality for your organization, contact your BigPanda account team.
Alert Correlation is the process of grouping related alerts into meaningful, actionable incidents. BigPanda uses pattern recognition to automatically process the data generated by your monitoring systems, dynamically clustering alerts based on the rich context available from the alert enrichment process.
The Alert Correlation Dashboard helps you see trends in alert correlation, and measure correlation effectiveness across your monitoring sources. You can use this dashboard to gain insights into how alert correlation is impacting different parts of your business, and identify areas that can be optimized.
Key Features
- View your correlation percentage across all incidents.
- Focus on the correlation impact for actioned incidents.
- Visualize trends in alert correlation.
- See the business impact of alert correlation and find areas to improve.
Widgets
The following widgets are available in the Alert Correlation dashboard:
| Widget | Description |
|---|---|
| Total Alerts | The total number of alerts received by BigPanda. |
| Total Incidents | The total number of incidents created. |
| Alert Correlation % | The percent of alerts that were correlated into incidents. |
| Correlation % Trending | A bar chart displaying the number of incidents and alerts over time, and the correlation percentage. The dark blue section represents incidents, light blue represents alerts, and the green trend line is the correlation percentage. |
| Correlation % by Source System | Displays correlation information about each monitoring tool. The following information is displayed in the table: • Alert count • Incident count • Correlation % • Alerts per incident • Single alert incidents • Single alert % • Merge/Split counts |
| Average Alert Counts | Displays a distribution of the average number of alerts per incident. The bottom section of the chart displays the number of alerts per incident, and the left section shows the number of incidents containing the given number of alerts. |
| Correlation % by Application | Displays correlation information about each normalized application. The following information is displayed in the table: • Application name • Alert count • Incident count • Correlation % • Average alerts • Single alert incidents • Single alert % • Merge/split counts |
| Correlation % by Host | Displays correlation information about each normalized host. The following information is displayed in the table: • Host name • Alert count • Incident count • Correlation % • Average alerts • Single alert incidents • Single alert % • Merge/split counts |
Filters
The Alert Correlation dashboard allows you to filter by:
- Incident Start
- Actioned Incidents
- Share Target
- Host
- Application
Learn more about using filters and widget options in the Filter Dashboards documentation.
Updated 14 days ago