Grouping of alert condition results in a single email

One of our application team is looking for alerts where we can include all the errors triggered in a condition for last 5 minutes(condition resides multiple unique messages). We tried sending alerts to incidents and try to list unique messages but the query if failing. Is there a way we can emulate it?

Query we are using to capture incidents:
SELECT uniques(tags.message) FROM NrAiIncident WHERE conditionName = ‘Conditions from Webhook’ FACET conditionName

Hi @veeresh.dandur1!

Can you provide a link to the alert condition where this query is not working? Can you tell me more about how it is failing?

Hi @dkoyano, query is working but I need help where I can include multiple violations in alerting. For ex:https://onenr.io/0Zyw4E7rgR3 , I am not sure if you can access to this, where we are looking for for errors in logs. So we are trying to include all the errors at any particular time.

It is condition based incident preference, so for every 10 mins we are trying to trigger alert where body of alert containing different violation happened for last 10 mins.