# Merging alerts
### Overview
While [Event Grouping](https://docs.ilert.com/configure-alerting/alert-sources#event-grouping) automatically groups similar incoming events into one alert, **Alert Merge** is a manual action that merges **existing alerts** already created in ilert.
**Use cases:**
* Multiple monitoring tools trigger alerts for the same issue.
* Alerts were not automatically grouped.
* You want a single alert for reporting and resolution.
### How it works
* You can merge **two or more alerts** into one **main alert**.
* Merged alerts (called **child alerts**) retain their original state but become read-only for manual updates.
* Escalations and notifications for merged alerts stop immediately.
* Updates, accept, and resolve actions are managed through the **main alert**.
* Monitoring tool updates for merged alerts are **not redirected** to the main alert and will be processed on the child alerts.
### Merge states
Each alert has a `mergeState` in addition to its lifecycle `status` (`pending`, `accepted`, `resolved`).
| Merge state | Description |
| ----------- | ---------------------------------------------------------------------------------------- |
| **NONE** | Regular alert (not merged). |
| **MAIN** | The primary alert other alerts were merged into. |
| **MERGED** | A secondary alert merged into another. Escalations stop; updates are no longer accepted. |
### Merging alerts
#### From the alert list
1. Navigate to **Alerts**.
2. Select two or more alerts.
3. Click **Merge** in the bulk action toolbar.
4. In the dialog, choose which alert is the **main alert**.
5. Confirm with **Merge n alerts**.
#### From the alert detail
1. Open the alert detail view.
2. Click **More actions → Merge into another alert**.
3. Select the target main alert and confirm.
### What Happens After a Merge
| Area | Behavior |
| ------------------------------- | -------------------------------------------------------------------------------------------------------------- |
| **Escalations & notifications** | Stop immediately on merged alerts. |
| **Timeline** | Timeline entries will be added to both the main and the child alert regarding the merge operation. |
| **War room channels** | Connected channels of child alerts will receive a message regarding the merge operation. |
| **Links, details, summaries** | Not merged. |
| **Responders** | Not merged; cannot add new responders on child. |
| **Manual alert actions** | Executable on child; not merged into parent. |
| **Priority** | Becomes read-only on child. |
| **Logs & comments** | Stay attached to the merged (child) alert. |
| **Chat** | Becomes read-only; discussions continue in main alert chat. |
| **Deployment events** | Not merged. |
| **Linked incidents & services** | Not merged. |
| **Grouping stats** | Parent alert shows dedicated **Merged alerts** metric. |
| **Accept/Resolve** | Disabled on child. Main alert’s resolve dialog includes “Also resolve (n) merged alerts” (enabled by default). |
### Access & permissions
* Merge operation requires **Responder** role or higher.
* User must have access to **all alerts** involved in the merge.
### Reports and Dashboards
By default, merged alerts are **excluded** from dashboards and reports for accurate MTTR and SLA calculations.
You can customize this via report filters:
| Option | Description |
| ------------------------------------- | ----------------------------------------------------- |
| **Exclude merged alerts** *(default)* | Only main and unmerged alerts are counted. |
| **Include merged alerts** | Includes all alerts, including merged ones. |
| **Only merged alerts** | Shows merged alerts only (useful for noise analysis). |
Dashboards always default to **Exclude merged**, with an optional toggle to include them.
### Alert merge vs event grouping
| Feature | Purpose | When it happens |
| ------------------ | --------------------------------------------------- | ------------------------ |
| **Event grouping** | Groups multiple incoming events into one alert | During event ingestion |
| **Alert merge** | Merges multiple existing alerts into one main alert | After alerts are created |
{% hint style="info" %}
*Event Grouping* happens automatically based on rules or AI similarity.\
\&#xNAN;*Alert Merge* is a manual, user-initiated operation.
{% endhint %}
### Best Practices
* Use **Event Grouping** to prevent noise.
* Use **Alert Merge** for cleanup and consolidation once alerts exist.
* Merge only related alerts to maintain data integrity.
* Always merge into the alert with the **most context** (responders, timeline, and chat).
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.ilert.com/alerting/working-with-alerts/merging-alerts.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.