Incident Enrichment

Incident Enrichment is a process for applying contextualized business logic through enrichment to an incident (or group of alerts) with varying quality. The Incident Enrichment process provides you with additional contextual information on your incidents enabling you to accurately and quickly detect, understand and resolve system issues. Incident enrichment also enables powerful automation so that you can respond to issues faster.

Incident Enrichment in BigPanda is powered by incident metadata and incident tags. Incident tags are created by taking raw data from your systems and normalizing it into key-value pairs. Each tag has two parts: the tag name and the tag value. Tags are the fundamental data model for your alerts and incidents and provide vital incident enrichment.

Incident tags allow you to quickly see summary information for a particular incident rather than needing to review all of the related alerts. Incident tags can leverage any available information that may aid in resolution, such as the cluster and data center where an object resides or links to relevant time series metrics and runbooks.

Read more about how incident enrichment drives monitoring success in the Incident Intelligence documentation.

Incident tags need to be set up by a BigPanda Admin within the BigPanda UI at Settings > Incident Enrichment. See Manage Incident Enrichment for more information.