Platform

    Get real-time insights and automation for comprehensive, seamless monitoring with agentless architecture.

    Platform Overview
  • Infrastructure
    monitoring
  • Cloud monitoring
  • Digital experience
  • AIOPS

      • Solutions

      Whether you work in MSP, Enterprise IT or somewhere in between, the solution is clear.

      Solutions Overview
    By Initiative
    By Industry

      About us

      Get to know LogicMonitor and our team.

      About us
    Get to know us
    Connect
    Services

      Documentation

      Read through our documentation, check out our latest release notes, or submit a ticket to our world-class customer service team.

      View Resources
    Support

    Product Documentation

    Alert Correlation

    Last updated on 26 February, 2024

    Alert correlation is a process of grouping alerts into a single unified incident. Alert correlation offers the following benefits:

    • Identify significant alerts
    • Identify alerts that need further investigation
    • Allows better understanding by providing relationships between alerts from various sources

    In Dexda, alerts are correlated into:

    • Insights – Insights are collections of alerts that have been automatically grouped. Insights are displayed in dashboards and can be further investigated through inspection views. Insights have a lifecycle that completes when an insight is set to closed. An insight can be closed through automation or manually from the user interface. 
    • Singleton Alerts – When there are no correlations found, similar data that have passed maximum correlation time are combined to form a singleton alert. Singleton alerts are escalated as individual alerts.

    New alerts and their updates are the output of LogicMonitor’s Alert Evaluation processing phase. Each alert transaction, such as creation, upgrade, downgrade, and closure, resulting from that phase is processed as a separate event in Dexda.

    Alerts in Dexda have their lifecycle represented in a series of escalation states from new through to closed. When a Dexda alert is in an open state, any reoccurrence of a LogicMonitor alert instance will be deduplicated under the open alert. This ensures that alert state is accurately reflected in Dexda, and provides a point of control for correlation and escalation.