Closed cloutid closed 1 year ago
Hi @cloutid
This depends on the alert configuration. For the alert to be dedupped, the resulting content needs to be the same or managed via the options provided by the alert action, in short you can scope what is taken into account for the MD5 calculation which in turns represents the unique content.
To say it differently, if you can have sometime in the output of the search which differs every time it would run (like an _time)
This is covered in details in the docs:
Let me know if you have more questions.
Guilhem
thanks for responding, I understand what you mean but in this instance I had scoped the dedup to be a single field $result.Instance$ which had the same value the 5 times a new ticket was created, the only thing was that jira was offline so it was all created due to the backlog hence my question initial question.
@cloutid
I see, yes indeed you are right we might enter into an exception here.
Likely it is getting to the replay KVstore before we investigate the dedup.
I take the point, most likely an issue on the TA side I agree.
Thank you
very well just wanted to confirm that this was perhaps expected behavior when jira goes down. thanks again!
Hello, more of a question than an issue at this point. Been using the addon, nicely done.
This morning we had our Jira instance go down and I could see the tickets multiplying for the same alert with the dedup capability enabled. is it not abled to compare the md5s or should it have been marking them as an "update" in the replay store instead of creating multiple Jira tickets once the connection was re-established?
thank you!