Actual requirement is when a status field value changes from one to another, an alert needs to be triggered.
Below are the status field values:
Extended recovery
Investigation suspended
False-positive
Investigating
Service degradation
Service restored
Restoring service
Post-incident report published
Ex: If status field value changes from "false-positive" to "investigating" then alert should be triggered.
If field value changes from "false-positive" to "false-positive" then no alert should be triggered.
↧