As I understand, alerts are the account of the events that occur in the target system and Incidents are those events which require some action for them to get resolved. Please correct me if I am wrong.
Currently, a PD service with email integration allows me
- To register alerts and subsequently Incidents based on the email contents(subject, body, etc.).
- Stop alerts from creating new incidents, if there’s an open incident.
- Filter out some alerts based on the email content.
But, can I keep a log of some of the alerts without creating an incident for it?
In some systems it is a possible behavior to have alerts of different kinds. Some need users attention and some are just like logs(Eg. warning, info) used for analytics only.
The only solution that I could find in the community discussions is to create two different PD services
(one for creating alerts and incidents and other for suppressing all the log kind of alerts). But that will incur lot of management.
Is there any other elegant solution where this behavior can be mimicked in a single service?
Please help me understand the implementation of this case.
Engineer, Yahoo Japan