
Alert Grouping


Learn how to create an alert group.

Overview

Alert grouping reduces noise and alert fatigue by consolidating related alerts into a single notification, making it easier for incident responders to focus on critical issues. This improves response efficiency, enhances prioritization, and simplifies communication, ultimately leading to faster incident resolution and better overall system reliability. There are two different types of alert grouping:

  • Time Window (also known as time-based)
  • Content Matching


Common Use Case

A common use case for alert grouping is when the organization has multiple monitors for a service. They might have a monitor for error rate, a monitor for latency, a monitor for CPU, and then maybe a monitor for something on the database. With many monitors, a problem with that service will trigger all of the related monitors to start sending alerts. This is where alert grouping comes in. With alert grouping you can group those alerts so that the responder is paged only for the first alert that comes in, and not for each monitor that gets triggered.

Configuring an Alert Group

To create a new alert group in the web app:

  1. Navigate to Alerts --> Grouping tab and click + New Alert Group.
  2. Enter a Name (required) and a Description (optional).


Step 1: Destinations (required)

  • Here you can select the Services, Teams, and Escalation Policies you’d like to include in this Group. Only alerts that are routed to your selected choices will be considered for grouping.


Step 2: Time Window (required)

  • Whether you are configuring Time Window or Content Matching based alert grouping, you are always required to set a Time Window. The time window tells Rootly when a new group should be started after X amount of time.
  • If you only want to configure Time Window grouping, you can click Create Alert Group to complete setup.


Step 3: Content Matching (optional)

  • Content Matching allows for more granularity to define the conditions under which alerts get grouped together.
  • Alert Title can be used to group alerts that come in with the same title.
  • Alert Urgency can be used to group by different urgencies (high, medium, low).
  • Payload can be used when you want to group alerts based on any specific field from your payload.
    • Example: When you want to group alerts based on a specific alert feature in your payload, the payload path may look something similar to $.alert.feature
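
The three steps above, modelled as an added example (this is not Rootly's code): it groups constructed alerts by destination, time window and, optionally, the payload field at $.alert.feature, and returns which alerts would page. Assumptions: the window is measured from the first alert of a group, alerts that are not considered for grouping page as usual, and the function names, service names and sample alerts are all hypothetical.

```python
from datetime import datetime, timedelta

def extract(payload, path):
    """Resolve a simple dotted path such as $.alert.feature; None if absent."""
    node = payload
    for key in path.split(".")[1:]:          # skip the leading "$"
        if not isinstance(node, dict) or key not in node:
            return None
        node = node[key]
    return node

def group_alerts(alerts, destinations, window, payload_path=None):
    """Return (groups, paged): member ids per group, and the ids that page."""
    open_groups = {}                         # match key -> (start time, member ids)
    groups, paged = [], []
    for a in sorted(alerts, key=lambda a: a["at"]):
        key = extract(a["payload"], payload_path) if payload_path else "*"
        if a["service"] not in destinations or key is None:
            paged.append(a["id"])            # assumption: ungrouped alerts page as usual
            continue
        current = open_groups.get(key)
        # assumption: the window is measured from the first alert of the group
        if current and a["at"] - current[0] <= window:
            current[1].append(a["id"])       # joins the open group: no new page
        else:
            members = [a["id"]]
            open_groups[key] = (a["at"], members)
            groups.append(members)
            paged.append(a["id"])            # first alert of a new group pages
    return groups, paged

# Constructed sample alerts (not real data): minutes are offsets from T0.
T0 = datetime(2024, 1, 1, 12, 0)

def alert(id_, service, minutes, feature):
    return {"id": id_, "service": service, "at": T0 + timedelta(minutes=minutes),
            "payload": {"alert": {"feature": feature}}}

ALERTS = [alert("a1", "checkout", 0, "payments"), alert("a2", "checkout", 1, "payments"),
          alert("a3", "checkout", 2, "search"), alert("a4", "billing", 3, "payments"),
          alert("a5", "checkout", 12, "payments")]
WINDOW = timedelta(minutes=10)

if __name__ == "__main__":
    print(group_alerts(ALERTS, {"checkout"}, WINDOW))                     # time window only
    print(group_alerts(ALERTS, {"checkout"}, WINDOW, "$.alert.feature"))  # content matching
```

With the time window alone, the "search" alert a3 is folded into the group opened by a1 and does not page; with content matching on $.alert.feature it opens its own group and pages.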




Updated 18 Sep 2024