Alert Problem Area enriches the alert Problem Area field with information extracted from the alert subject or description. Alert Problem Area is usually used for log-type alerts where rich information is embedded in the alert subject or description, but the metric value is the generic metric name. If the Problem Area field is not enriched, it defaults to the alert Metric field value.

The Problem Area field is used to drive downstream alert correlation, alert first response, and alert escalation. The alert Problem Area field is available in the filter criteria, and the Problem Area is used in alert sequence model training for ML-based alert correlations and seasonality-based suppression. In addition, you can use the Problem Area field when preparing first response and escalation ML training.

Alert correlation and seasonality-based alert suppression use existing data to create ML models. For patterns to be seen by ML, there must be enough repetition in the data. Because the alert problem area policies enrich new alerts, but not existing alerts, it takes a few weeks before you see new patterns from the ML models after you enable alert problem area.

The following permission sets are required to access alert problem area policies:

  • OpsQ View: Allows you to view the policies of other users.
  • OpsQ Manage: Allows you to create, edit, delete, and turn policies on or off.

View Alert Problem Area Policies

  1. Ensure that you have selected a client from the ALL Clients list.
  2. Go to Setup > Alerts > Alert Problem Area.
  3. You can select the number of alert problem area policies to display per page.
Alert Problem Area Policies

Each problem area policy contains the following information:

AttributeDescription
Policy NameName of the alert problem area policy.
Created ByName of the user who created the policy.
Updated ByName of the user who last modified the policy.
Last Updated TimeTime the policy was last modified.
Processed AlertsIndicates the number of alerts on which the problem area policy extracted the problem area from the alert metric.
ModeEnabled, ON or OFF.