High risk alerts from change risk

When a new, incoming change request is evaluated as high risk, an alert is posted to the IBM Cloud Pak® for AIOps Platform UI. It can be included in the Events report and can be grouped into an incident. By reporting these alerts, high risk insights can be used for incident avoidance and mitigation.

A change risk high risk alert can be identified in the Alert Viewer when the Sender column for an alert contains change-risk. So a high risk alert resembles this example:

Alert Viewer high risk — Figure. Alert viewer high risk

High risk in Events example:

id: UUID (str)
 sender: {
     service: "change-risk-service"
     name: "change-risk",
     type: "change-risk"
 }
 resource: {
     name: str, optional - Service Now CMDB ID (if present)
     sourceId: str - Change number (e.g. "CHG12345")
     type: "change-request"
 }
 type: {
     classification: "change risk analysis"
     condition: str - Confidence level (e.g. "Confidence 94%")
     eventType: "problem"
 }
 severity: 3 (int)
 summary: str - Change reference (e.g. "High-risk change CHG1")
 details: {
     body_html: str - HTML-marked English description of the change, related changes, and related incidents.
 }
 occurrenceTime: datetime (str, UTC, ISO 8601 with timezone) - Time the risk evaluation was processed
 expirySeconds: 0 (int)
 links: [
     {
         name: "Change Request",  (e.g. 'Change Request')
         url: str (e.g. 'https://example.service-now.com/change_request.do?sysparm_query=number=CHG1')
     }
 ]
 insights: [] (empty list)