Hi @sheel331,
Orchestration rules can’t be enabled/disabled by time window right now, so there isn’t a native “only run this rule 10pm–6am” switch.
Here are two possible ways you handle this:
Option A - Don’t wake people at night, but still let incidents exist:
- In your orchestration, set severity to critical if the summary contains your specific text; set others to warning/info.
- On the service, set “How should responders be notified?” to “Based on support hours.” Define 6am–10pm as support hours. Outside support hours, notify only for high-urgency.
- Because Dynamic Notifications map critical/error to high urgency, only your “specific text” incidents will notify at night. Everything else will be low urgency and won’t wake folks.
- Docs: Dynamic Notifications and Support Hours: Dynamic Notifications, Configurable Service Settings
Option B - Strictly suppress everything 10pm-6am except the allowlist:
- Create a second service, e.g., “Night Critical Only.”
- In Global Event Orchestration, route events that contain your specific text to that Night service; route all other events to your main service.
- Put a recurring Maintenance Window on the main service from 10pm-6am. During that window, incidents won’t trigger on the main service at all, so only the Night service will alert.
- Docs: Maintenance Windows behavior: Expected Notification Behavior
If you’re okay with “don’t notify at night” instead of strict suppression, Option A is the simplest. If you truly need zero incidents created for non-allowlisted alerts overnight, go with Option B.
References docs you can go through to help with your setup:
Hope this helps, enjoy your day!
Thank you @lupimiguel , this was very helpful! Option A makes sense. As you mentioned, I’m not worried about the existence of incidents, just waking people up at night. I’ll give that a try. Thank you again!
