Displaying an alert group

Expand an alert group to display the alerts that were correlated together within the group.

About this task

An alert group contains two or more alerts, which are correlated together by the underlying analytics. The group can include Temporal group icon Temporal groups, Topological group icon Topological groups, and Scope-based group icon Scope-based groups.
Note: Alerts might be marked as being eligible for group membership, but the synthetic parent alert is not created until there are at least two alerts.

Procedure

  1. Identify an alert group within the table.
    You can identify a group using the following signs:
    • It has a Down chevron icon Downward-pointing chevron icon in its row in the table.
    • By default, it has a summary that includes the words: GROUP (n active events), where n is the number of the alerts in the group.
  2. Open the alert group by clicking the Down chevron icon Downward-pointing chevron icon in its row in the table.
    The group's alerts are now displayed under the parent alert.