I would like the ability to use custom metrics that are based on different inspectors within one alert.
I have a custom metric based on the Office 365 inspector, and another custom metric based on the Active Directory inspector. I would like to create a single actionable alert that is based on both of these custom metrics. I should be able to customize what triggers the alert with simple logic. (metric 1 and metric 2) or (metric 1 or metric 2) etc.
The benefit of this would be that I can create even more reliable alerts that help prevent my team from acting on false tickets.
Currently if I use the stale user metric for Active Directory, we can receive false tickets due to the user only using Office 365 and not recently logging into their corporate network. Have the alert check both of these sources of data prior to creating or updating the alert would provide a single ticket to look into stale users instead of 2 separate tickets that may or may not be valid.
|Last Reviewed Date||2022-03-21|