When creating and managing an alert management training file, it is important to follow specific guidelines to ensure accurate matching, reduce maintenance overhead, and avoid errors in alert handling.
Case Sensitivity
- Attribute names and values used in the training file are case-sensitive.
- Always match the exact casing used in alert and resource attributes to avoid failed matches.
Metric Name Representation
The following table provides the expected metric names for common monitors when using the G2 Agent:
| Monitor Name | G2 Agent Metric Name |
|---|---|
| Disk Utilization | DISK |
| Memory Utilization | MEMORY |
| Windows Service | WINDOWS_SERVICES |
Unsupported Attributes
- The attribute
resource.generalInfo.nameis not supported. - Avoid using resource names because they are dynamic and can change frequently. This leads to frequent manual updates and increased risk of mismatches.
Recommendation
Instead of using unstable or specific attributes like resource names, use high-level, stable identifiers such as:
resource.deviceGroup.nameresource.serviceGroup.nameresource.generalInfo.resourceType
These help define routing, prioritization, and categorization logic more effectively and with lower maintenance.
Matching Rule Priority
- The machine learning engine selects the row with the most exact attribute matches.
- If multiple rows have the same number of matches, the engine chooses the first matching row in the file.
- For best results, order the file with specific rules at the top and general catch-all rules (with empty cells) at the bottom.
File Encoding
- Always save the training file in CSV UTF-8 (Comma delimited) format.
- Incorrect encoding may cause the system to reject the file or interpret special characters incorrectly.