Skip to main content

Deduplication Filter action

Available for event workflows

This action filters events on whether they will create a new alert or be deduplicated into an existing alert.

The Filter section of this action takes the following inputs:

  • IF the event

    Select the condition to filter by. If this condition is met, then the workflow will continue to the next action in the sequence.

  • ELSE

    If the selected condition isn't met, then choose whether to skip to the next workflow or drop the event.

Event example

Suppose you want to drop all incoming events that have a severity of "clear" and will create new alerts. You can do this by creating a workflow using the Deduplication Filter action.

Configure the workflow trigger to have the following filter:

severity = Clear

Then add a Deduplication Filter action and configure it as follows:

  • IF the event

    Select will deduplicate to an existing alert.

  • ELSE

    Select Drop the event.

In this section: