Page tree
Skip to end of metadata
Go to start of metadata

What is a Filter?

Filters are used to search for and view specific Alerts, Situations and Impacted Services in AIOps. You can edit filters to display specific Alerts, Situations or Services as required.

The default Alert, Situation and Service Views that can be accessed from the Side Menu are Impacted Services, My Situations, Open Situations, My Alerts and Open Alerts. 

There are two types of the filter: Basic Filter and Advanced Filter. Click the Filter icon to open the drop-down menu and switch between the filter types.

Please note: We recommend you to use the Basic Filter in most cases but if you want more flexibility or need to filter for something more complex then use the Advanced Filter

Creating a basic Filter 

To use the Basic Filter, click in the "Filter" bar and a drop-down menu will appear with available fields.

Select a field and any values as required then click Apply (or click away from the menu). Repeat this for as many fields as you want to add to your filter.

Alternatively type the name of the fields you want to apply to the filter. Once you have entered one or more fields click away from the menu to apply the filter.

Alert Column Parameters

Column Display Name
Associated Operators
Active SituationsIN
Alert Id

>
>=
<
<=
!=

Agent NameMATCHES
Agent HostMATCHES
ClassMATCHES
Count>
>=
<
<=
!=
DescriptionMATCHES
Entropy>
>=
<
<=
!=
External IDMATCHES
First Event Time>= AND <=
HostMATCHES
Internal Last Event Time>= AND <=
Last Change>= AND <=
Last Event Time>= AND <=
ManagerMATCHES
Owned ByIN
SeverityIN
SignificanceIN
SituationsIN
Source IDMATCHES
StatusIN
TypeMATCHES

Situation Column Parameters

Column Display Name
Associated Operators
CategoryMATCHES
Created At>= AND <=
DescriptionMATCHES
First Event Time>= AND <=
ID>
>=
<
<=
!=
Last Change>= AND <=
Last Event Time>= AND <=
Owned ByIN
Participants>
>=
<
<=
!=
Process ImpactedCONTAINS
Scope Trend>0
<=0
Services ImpactedCONTAINS
Sev Trend>0
<=0
SeverityIN
StatusIN
Story>
>=
<
<=
!=
TeamsIN
Total Alerts>
>=
<
<=
!=
User Comments>
>=
<
<=
!=

Creating an Advanced Filter

The Advanced Filter is for complex queries and operates in a similar way as the Basic Filter but you must enter in Moogsoft's filter query language which is based on SQL.

To show all Situations with 'Internal severity' as 'Critical' and 'Description' as 'SocketLam Sigalised', the correct syntax would be: (Internal Severity IN ("Critical")) AND (Description MATCHES "SocketLam Sigalised").

For more information on the query language syntax go to Advanced Filter Query Syntax.

Pausing Alerts and Situations

Click the  Pause button to temporarily stop Alerts or Situations being added to the Alert or Situation view.

Please note: When paused, AIOps will not update the list with the latest data unless you apply a new filter which will trigger a one-time load of data


After any edits have been made, the live feed of data can be reactivated again by clicking the Play button.