Administration GuideEvent Correlation and Incident ManagementCorrelation Rule Tasks › About Incident Notifications

Previous Topic: Example: Creating a CSV File for Testing

Next Topic: How to Design and Apply Incident Notifications

About Incident Notifications

You can set notifications, which pass information about an incident, to be triggered automatically when an incident is created, or launch them manually after viewing the incident. In either case you must first define the notification destinations you want to use in your environment.

You must create notifications in two parts:

  1. Notification Destination, which can contain any combination of the available destination types. For example, a destination might contain email addresses, SNMP server credentials, and an IT PAM process name. Destinations can be assigned to multiple rules.
  2. Notification Details, which are added to individual rules, and contain the information delivered by the notification; email subjects and text, SNMP data, IT PAM process parameters, for example.

Automatic notifications require a correlation rule with notification details, and an associated notification destination. If both components are present, each time the rule creates an incident, an automatic notification is sent to the specified destination or destinations. The combination of destinations and details allows you to set up modular notification. For example, you could route the same notification information to different regional service desks or IT personnel.

You can also assign destinations from existing incidents. When you open an incident and assign a Notification Destination, the notification details specified in the rule are sent immediately. The rule must include notifications in order to send manual notifications.

More information:

How to Create a Notification Destination

Set Notification Defaults

About Correlation Rules

Apply Correlation Rules and Incident Notifications