Group alerts using Rovo
AI is available and automatically activated for all apps on Standard, Premium, and Enterprise plans. Organization admins can manage AI preferences from Apps > AI settings > AI-enabled apps in Atlassian Administration.
AI is not available in Atlassian Government organizations.
Alert grouping by Rovo uses both Atlassian’s machine learning and generative AI to group related and similar alerts and to offer insightful suggestions. This helps on-call team members manage alerts more efficiently by grouping similar alerts, reducing noise, and enabling faster incident response.
Alert grouping is a key AIOps feature that:
groups similar alerts to prevent alert fatigue and lower cognitive load
summarizes related alerts, showing counts, tags, and other key details
identifies patterns so you can escalate related alerts to incidents quickly
Make sure you meet these criteria to use alert grouping:
You're using the alerting feature that's natively available in Jira Service Management.
Your Jira Service Management instance isn't BYOK-encrypted.
To view grouped alerts:
Activate Rovo if you haven’t done so already.
You must be an organization admin to activate Rovo for Jira Service Management.Go to the Alerts list from either Your Work or your team’s Operations.
Each alert has a "Tiny ID," and each alert group generated by Rovo has a unique "Group ID."
For more details, see Navigate the alerts list.
Content is based on your permissions, and its quality may vary. Learn why
Bulk actions for alerts and groups
You can escalate alerts or alert groups to incidents by selecting them in the list view and choosing Create incident or Link incident. For more information, see Create incidents from alerts.
Select individual alerts or groups and choose Create incident.
Select individual alerts or groups and choose Link incident.
Individual alerts and alerts in a group that you don’t have permission to view aren’t included in bulk actions.
View group details
To view details for a group of alerts:
From the alert list view, select a group. The Alerts tab opens by default.
Optionally, assign a team member as the group assignee.
The group detail view includes:
|
| Rovo-generated, based on the alerts in the group. |
| Ack all / Close all / Snooze all / Delete all | Perform these actions on all alerts in the group. |
The Alerts tab |
| |
| Alert count | Number of alerts in the group (only those you have permission to view). |
| Priority | Derived by Rovo from the alerts in the group. |
Created | Time at which the group was created. | |
Last updated | Time at which the group was last updated. | |
Grouped by | Semantic similarity or tags, which means Rovo has added incoming alerts to this group because they’re about the same topic and/or have similar content, or tags contained in them. | |
Grouping stage | Current stage of grouping which can be either | |
Assignee | Owner of the group. | |
Alert responders | Responders on individual alerts in the group. | |
The Details tab
|
|
|
Description | A Rovo-generated summary of the group based on the alerts that are part of it. Select Refresh to update to update the description as more similar alerts get added to the group. | |
Tags | Tags from the alerts in the group. | |
Linked incidents | Any incidents linked to the group. |
Actions
All actions available in the alert list view are also available in the group detail view. You can perform bulk actions (acknowledge, close, create incident, link incident, remove from group) on multiple alerts within a group.
Suggestions by Rovo
Based on the alert groups created, Rovo makes insightful suggestions in terms of past responders, and past alert groups, to help the on-call teams to respond faster.
Create an incident
To create an incident from the alerts in a group:
Select the relevant alerts in a group.
Select Create incident. You can also do this from the What more can you do? panel on the right.
The Create issue dialog comes up. Rovo suggests a title, a description, and a priority for the incident you’re creating.Edit any Rovo-suggested value in the form as necessary. Also, use the thumbs-up or thumbs-down icon to let us know if they make sense or not.
Select Create.
Reach out to past responders
To help you quickly identify who might be best equipped to deal with a specific issue, Rovo suggests responders who have dealt with similar alerts before. This way, you can save time finding the right person and potentially resolve the issue more efficiently.
Check the history of similar alert groups
Rovo also suggests similar alert groups from the past based on their semantic similarity with the current one or tags used, to help you identify patterns or recurring issues over time. By comparing the current alert group with past ones, you can find out if a similar situation occurred before and understand how it was handled. This can improve your decision-making process and potentially lead to more efficient problem-solving.
Alert groups and data residency moves
If you decide to move your product data from one data residency location to another, any alert groups you previously had will be permanently deleted. This is because we currently don’t support moving group-related data. In the new location, however, Rovo will start creating groups from scratch.
Feedback
Use the thumbs up 👍 or thumbs down 👎 icons on any Rovo-generated input to provide feedback. For example, if an alert is grouped incorrectly, select the thumbs-down icon and share details.
For more information about Rovo and AI, visit our Trust Center or any of the following links:
Frequently asked questions
What goes into alert grouping?
Efficient alert grouping is essential for reducing noise and helping teams focus on what matters most during incident triage. Over time, our approach to grouping alerts has evolved to become more intelligent and context-aware, ensuring that related alerts are handled together and teams aren’t overwhelmed by redundant notifications.
Our current model groups alerts based on semantic similarity in their titles, descriptions, and tags, which means it identifies similarities in the language and structure of the alert content.
Example scenario
Suppose your monitoring system generates these alerts:
Alert 1
Title: Deployment 1 failed for Service A at 13:44 UTC
Description: Healthcheck failed for deployment 1. View runbook
Alert 2
Title: Deployment 2 failed for Service A at 14:19 UTC
Description: Healthcheck failed for deployment 2. View runbook
These alerts are from the same service and share a similar structure and wording and hence will be grouped.
To give you a picture of how grouping happens at a greater level of detail:
Alert content | Example | Alerts grouped? |
---|---|---|
Titles: Different Tags: Same or different Descriptions: Same or different | Alert 1 Title: Database connection timeout on Service A Alert 2 Title: High memory usage detected on Service A | NO |
Titles: Similar Tags: Same Descriptions: Highly similar | Alert 1 Title: Deployment 1 failed for Service A at 02:49pm IST Alert 2 Title: Deployment 2 failed for Service A at 05:19pm IST | YES |
Titles: Similar Tags: Same Descriptions: Same | Alert 1 Alert 2 | YES |
Titles: Similar Tags: Same Descriptions: Same | Alert 1 Alert 2 | YES |
Titles: Same Tags: Same Descriptions: Different | Alert 1 Alert 2 | NO |
Titles: Same Tags: Different Descriptions: Same
| Alert 1 Alert 2 | NO |
The model recognizes the semantic similarity and groups them together, making it easier for your team to review and act on related alerts as a set.
This allows you to:
see all related issues in one place
avoid duplicate effort and unnecessary distractions
take action on the group, such as acknowledging or escalating it, rather than handling each alert individually
Alert grouping continues to evolve, with ongoing improvements to make it even more precise and customizable for your team’s needs.
When will I start seeing grouped alerts on my site?
If your site has a significant alert volume over the past 90 days and Rovo detects similar patterns amongst them, you can expect grouping to begin within 4 hours to a day. However, if you're relatively new to the operations space and haven’t had many alerts in the past 90 days, grouping may not start immediately. This is because Rovo needs to identify similar patterns before it can group alerts. After about 15 days, it undergoes retraining and will begin to recognize patterns, leading to alert grouping.
While there's no specific minimum number of alerts required for grouping to start, Rovo needs consistent patterns to even start grouping. This means an alert should have occurred at least 4 times in the last 90 days for it to be considered for grouping. However, if your alerts are infrequent or seasonal, they might not form groups even after Rovo undergoes training again.
How is Atlassian protecting my data?
This particular Rovo feature uses both Atlassian’s machine learning in addition to generative AI. Our machine learning model is individually trained for each customer, to better identify and enhance the grouping of similar alerts within your instance. The training is customer-specific - your data isn’t used to train a model for other customers, or shared between customers. Additionally, as with all of our Rovo features, your data isn’t used to train any LLMs.
Alert grouping takes into account user access permissions. You’ll be able to see an alert group even if you have access to only one alert in that group. For instance, Rovo groups 50 alerts based on their tags and semantic similarity and you have permissions to view only 30 of them, you’ll only see those 30 in the group detail view. The same applies when you create an incident from an alert group as well, which means only those alerts in the group that you have permissions to view will be linked to the incident.
Was this helpful?