Troubleshoot Alert Correlation RuleDescriptionWhen an alert is created, BR "Calculate correlation rule" is executed. The BR calls AlertManager.calculateAlertCorrelation(grAlert)AlertManager calls AlertCorrelationHandler which: A. Checks if the alert matches one of the filters, for primary or secondary alertIf the filter matches either primary, secondary, or advanced, look for a match corresponding to the primary or secondary as configured in the alert correlation rule. Alert correlation can be calculated on demand, for troubleshooting purposes, by: Navigating to "System Definition > Scripts - Background"Runing script: var alertSI = '<sys_id_of_alert>';var alertManager = new SNC.AlertManager();var grAlert = new GlideRecord('em_alert');var grFound = grAlert.get(alertSI);if(grFound){ gs.print("Calculate correlation rule for: " + grAlert.number); alertManager.calculateAlertCorrelation(grAlert);} InstructionsRecreate issueConfirm the alerts match the filters in the correlation ruleGet the sys_id of the alertSet system property evt_mgmt.log_debug = trueRun new calculation with steps in "Description" section of KB, replace in script <sys_id_of_alert> with actual sys_idCollect output from scripts - backgroundSet system property evt_mgmt.log_debug = falseCompare output with AlertCorrelationHandler to determine where the code is not behaving as expectedAdditional InformationAlert Grouping ExplainedSample Alert Correlation Rule using scriptEvent Management Alert correlation for Layer 2 connectionsParent field value is cleared on the secondary alert when the parent alert is closed for Manual and Rule based alert groupingRules-based group not created by alert correlation rule because filter is case sensitive PRBs PRB1410894 - Rules-based group not created by alert correlation rule because filter is case sensitive