Conference paper

Alert Suppression with Fine-Grained and Coarse-Grained Feedback based Active Learning

Abstract

In today’s cloud computing landscape, an array of monitoring tools from diverse domains and vendors produces an overwhelming volume of alerts and events, many of which lack actionable significance. Traditional approaches to alleviating alert noise often hinge on static policies, which can swiftly become obsolete and ineffectual in ever-evolving IT environments. We introduce a novel approach for alert suppression (ANNEAL) to tackle this pressing challenge. ANNEAL leverages expert feedback to elevate the precision and efficacy of alert detection. It gains insights into pertinent alert features via fine-grained alert-level feedback, then recommends policies that undergo validation through expert feedback at the coarse-grained level. By merging fine-grained and coarse-grained feedback, this model adeptly reduces the occurrence of non-actionable alerts. This fusion of feedback mechanisms alleviates the burden of manual annotation and, as our results demonstrate, outperforms baseline methods in real-world alert suppression.