Dear Community,
We are actually doing a POC on Logic Monitor with Service Now Integration and eveything is working well except regarding concatenation of alert, that's mean if an entire list of devices for instance 10 Wireless AP are disconnected, we have actually 10 tickets created for each devices.
I would like to know how it could be possible to have only one alert opened for the group of devices ?
Best regards
Ok, after some private discussion, i think your question revolves around a few potential solutions:
Service Insight - allows you to gather together instances/resources into a group, called a service, which has aggregated metrics from all the members of the group. This would be how you would alert on site down situations where you have multiple uplinks from the site to the backbone.
Cluster alerts - more here.
Topology Awareness - LM can learn your topology to know about downstream outages caused by an upstream incident.
If you're in POV, you should discuss these with your Sales Engineer as they should be able to explain how you'd use this to solve problems in your environment. You could also reach out to your CSM. We also have an Ask Me Anything style webinar tomorrow where we could discuss this in person. Register here.
NeophyteOn 11/16/2021 at 3:54 PM, Loic Fournier said:Dear Community,
We are actually doing a POC on Logic Monitor with Service Now Integration and eveything is working well except regarding concatenation of alert, that's mean if an entire list of devices for instance 10 Wireless AP are disconnected, we have actually 10 tickets created for each devices.
I would like to know how it could be possible to have only one alert opened for the group of devices ?
Best regards
I do not believe this is an appropriate use of ServiceNow Event Management, especially given that, if you are using CMDB, you need to have alerts that are distinctly aligned with specific configuration items -- this lays groundwork for other myriad functions of ServiceNow to do what it's designed to do (especially alert grouping)
I would look at the alert grouping route instead.
Also, for context, we wrote our own Integration payloads to ServiceNow to send LogicMonitor alerts to ServiceNow events, and allow ServiceNow's event processing to uplift these into alerts - I believe this also facilitates alert grouping. I don't know how LogicMonitor does this, as they didn't have a direct Event Management integration at the time when we turned LogicMonitor up in our environment.
