About Incidents and Alerts
AI-Powered ADEM,
ADEM Observability, and
Prisma Access raise incidents, which indicate a problem, unplanned interruption,
or reduction in quality of service in your environment. An incident is a correlation
of alerts across metrics that provides contextual troubleshooting information along
with a live scope of impact. When the underlying issue to an incident is fixed,
Prisma Access automatically validates the cause, resolves the symptoms, and
clears the incident. Your customers can subscribe to incident notifications or to
the underlying alerts through different notification methods, such as
ServiceNow,
email, or
webhooks.
The product creates an incident when the product can:
- Detect and qualify business impact.
- Detect the issue to a higher precision, such as with correlations, aggregations,
and anomaly detection.
Select the
Incident List tab to open and view any
incident and see all alerts that are correlated with an incident.
Prisma Access alerts you when something isn't right in your environment. When an
issue occurs in the network (for example, 15 minutes of continuous application
degradation), Prisma Access has a raise condition in place that triggers an
alert. Then, 10 to 15 minutes after Prisma Access raises the alert, the alert in
turn generates an incident.
More than one alert can generate one incident.
Alerts let you know if there is an issue or problem affecting the Prisma Access
cloud infrastructure, so that you’re aware as the Prisma Access team works on a
fix. Alerts are resolved only when the issue that triggered the alert is fixed; you
can't manually resolve alerts. Users subscribed to alert notifications receive a
notification when an update is issued, when the alert severity increases, and when
it is resolved.