Use Case Title

Identify and Remediate the Most Impacted Resource.

User Goal

Identify the resource generating the highest number of critical alerts in the last 8 hours, analyze those alerts, and take action to start remediation.

When to Use This

Use this workflow when:

  • Multiple alerts are firing
  • You want to quickly find the most affected resource
  • You need to triage and begin investigation

How to Start

Open Command Center > Alerts Launch Copilot Ensure the Command Center channel is selected

How to Ask Copilot

You can start broad and narrow down step by step:

  • Which resource is most impacted in the last 8 hours?
  • How many critical alerts are there on this resource?
  • What are the open alerts on this resource?
  • Analyze these alerts in detail
  • Acknowledge the open alert as I started investigating it

What Copilot Provides

  • Identifies the most impacted resource
  • Lists critical and open alerts for that resource
  • Provides alert analysis and patterns
  • Confirms alert acknowledgment

What to Ask Next (If needed)

  • Are there similar alerts on other resources?
  • Are these alerts correlated?

Actions You Can Take

  • Acknowledge alerts
  • Analyze alert details
  • Continue investigation

Outcome

You quickly identify the most affected resource, understand the alert impact, and formally acknowledge the issue to begin remediation.

Use Case Title

Proactively Detect and Suppress Flapping Alerts

User Goal

Monitor system health, identify flapping alerts, and suppress noise to reduce alert fatigue.

When to Use This

Use this workflow when:

  • You are monitoring system stability over a period
  • Alerts are repeatedly firing and resolving
  • You want to identify noisy or flapping alerts
  • You need to suppress alerts temporarily to focus on real issues

How to Start

Open Command Center > Alerts Launch Copilot Ensure the Command Center channel is selected

How to Ask Copilot

You can start broad and narrow down step by step:

  • Give me a health summary for the last 24 hours
  • Show me critical alerts that haven’t been acknowledged
  • Show me alerts with repeat count greater than 10
  • What are the metrics and components of these alerts?
  • What are the open alerts on this metric?
  • Suppress the alert for 2 hours as they are flapping

What Copilot Provides

  • System health overview
  • Identification of flapping alerts
  • Metric and component-level insights
  • Confirmation of alert suppression

What to Ask Next (If needed)

  • Are there similar flapping alerts on other resources?
  • Has this metric caused alerts in the past?
  • Should I correlate these alerts into an inference?

Actions You Can Take

  • Suppress alerts for a defined duration
  • Acknowledge alerts
  • Continue investigation on specific metrics or resources

Outcome

Alert noise is reduced, system health is stabilized, and attention is focused on actionable issues.

Use Case Title

Analyze and Resolve Incident Tickets

User Goal

Analyze incidents linked to alerts, understand ticket ownership, and resolve issues efficiently.

When to Use This

Use this workflow when:

  • Alerts have generated incident tickets
  • You need to quickly understand the incident context
  • Ownership or status of a ticket is unclear
  • You want guidance on how to resolve a ticket

How to Start

Open Command Center > Alerts Launch Copilot Ensure the Command Center channel is selected

How to Ask Copilot

You can start broad and narrow down step by step:

  • Find all critical alerts which have incidents in the last 4 hours
  • Analyze the incident on alert 121898533
  • Update the status of the incident to Open
  • Suggest how to resolve this ticket
  • To whom is this ticket assigned?
  • Are there any tickets assigned to that user?

What Copilot Provides

  • Alert-to-ticket linkage
  • Incident analysis and context
  • Resolution suggestions based on historical data
  • Ticket ownership and assignment details

What to Ask Next (If needed)

  • Are there similar incidents in the past?
  • Are there related alerts still open?
  • Should this incident be escalated or reassigned?
  • Can I add comments or update priority on this ticket?

Actions You Can Take

  • Update ticket status
  • Review ticket ownership
  • Proceed with resolution based on suggestions

Outcome

The incident is clearly understood, updated appropriately, and ready for resolution with clear ownership.

Use Case Title

Correlate Related Alerts to Eliminate Noise

User Goal

Identify related alerts on a resource and correlate them into a single inference to reduce noise.

When to Use This

Use this workflow when:

  • Multiple alerts are firing for the same resource
  • Alerts appear related or redundant
  • You want to reduce alert clutter during investigation
  • You need a consolidated view of a single underlying issue

How to Start

Open Command Center > Alerts Launch Copilot Ensure the Command Center channel is selected

How to Ask Copilot

You can start broad and narrow down step by step:

  • Which resource is most impacted in the last 4 hours?
  • What are the critical alerts on resource Resource-2?
  • What are the open alerts among them?
  • Correlate them as they seem like noise

What Copilot Provides

  • Resource impact analysis
  • Identification of related alerts
  • Alert grouping and correlation
  • Confirmation of correlation action

What to Ask Next (If needed)

  • What is the root cause of this inference?
  • Are there metrics or graphs for these alerts?
  • Should I acknowledge or suppress the correlated alerts?
  • Are there tickets associated with this inference?

Actions You Can Take

  • Correlate multiple alerts into a single inference
  • Acknowledge correlated alerts
  • Continue investigation on the inferred issue

Outcome

Multiple noisy alerts are grouped into a single correlated incident, simplifying investigation and response.