Alert Correlation
Alert Correlation groups related alerts into inferences to reduce alert noise and improve triage speed. It helps operations teams understand relationships across alerts and focus on root-cause resolution instead of handling each alert individually.
What you can do
- Create correlation policies using ML-based or time-window logic.
- Define similarity rules to control grouping behavior.
- Use filters to scope which alerts are eligible.
- Review inference outcomes and tune policy behavior.
For step-by-step policy creation details, see Create an Alert Correlation Policy.