what is the Max number or limit of number overflow cases with 100 alerts per case .. and rule triggered 10,000 alerts within 24 hours .
so 30 alerts in normal cases and will it created 100 overflow cases?
just want to know what is the limit ..
Page 1 / 1
This is all based on how you have your environment configured.
the overflow configuration is initially based on a hardcoded value of 50 alerts within 10 mins. Then you can modify the timeframe for your liking but it's a global setting. The max time frame for overflow grouping is 24 hours (default is 2) and the max grouped alerts is 100 ( default 50).
Here's an article that may help understand this a little better.
This is all based on how you have your environment configured.
the overflow configuration is initially based on a hardcoded value of 50 alerts within 10 mins. Then you can modify the timeframe for your liking but it's a global setting. The max time frame for overflow grouping is 24 hours (default is 2) and the max grouped alerts is 100 ( default 50).
Here's an article that may help understand this a little better.
yes, but question is how many overflow cases can be created in 24 hours?
is there limit?
yes, but question is how many overflow cases can be created in 24 hours?
is there limit?
I dont believe there's a limit but at that point I would certainly want to modify my rule or exculde a certain entity from creating that much noise.
Reply
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.