DataDog · estherk15 · Jun 15, 2026 · Jun 16, 2026 · Jun 16, 2026
@@ -25,7 +25,7 @@ further_reading:
   text: "Ensure high service availability with Datadog Service Management"
 ---
 
-{{< img src="service_management/events/correlation/event_management.png" alt="what is event management" style="width:100%;" >}}
+{{< img src="events/correlation/event_management.png" alt="what is event management" style="width:100%;" >}}
 
 ## Overview
 

@@ -4,7 +4,7 @@ aliases:
 - /service_management/events/correlation/
 disable_toc: false
 further_reading:
-- link: "service_management/events/"
+- link: "events/"
   tag: "Documentation"
   text: "Event Management"
 - link: "/incident_response/case_management/"

@@ -3,7 +3,7 @@ title: Analytics from Cases and Events
 aliases:
 - /service_management/events/correlation/analytics/
 further_reading:
-- link: "service_management/events/correlation/"
+- link: "events/correlation/"
   tag: "Documentation"
   text: "Learn about Event Correlation"
 ---
@@ -15,7 +15,7 @@ Keep track of your teams' workload by charting and creating dashboards for event
 
 ## Case Metrics
 
-{{< img src="service_management/events/correlation/case_analytics.png" alt="Configure case analytics" style="width:100%;" >}}
+{{< img src="events/correlation/case_analytics.png" alt="Configure case analytics" style="width:100%;" >}}
 
 
 You can query Case analytics in a variety of graph widgets to analyze team productivity and identify patterns in issues. Display analytic graphs on both Dashboards and Notebooks. To get started, in the widget configuration, select {{< ui >}}Cases{{< /ui >}} in the data source dropdown under the *Graph your data* section.
@@ -36,7 +36,7 @@ The following widgets support Case Analytics:
 
 Break down event metrics by source, host, service, and more. Find out where your problematic alerts are coming from and learn if your operational load is increasing or decreasing over time.
 
-{{< img src="service_management/events/correlation/event_analytics.png" alt="Configure event analytics" style="width:100%;" >}}
+{{< img src="events/correlation/event_analytics.png" alt="Configure event analytics" style="width:100%;" >}}
 
 To get started, in the widget configuration, select {{< ui >}}Events{{< /ui >}} in the data source dropdown under the *Graph your data* section.
 

@@ -3,10 +3,10 @@ title: Configuration
 aliases:
 - /service_management/events/correlation/configuration/
 further_reading:
-- link: "service_management/events/correlation/triage_and_notify"
+- link: "events/correlation/triage_and_notify"
   tag: "Documentation"
   text: "Learn about triaging and notifiying on cases"
-- link: "service_management/events/correlation/analytics"
+- link: "events/correlation/analytics"
   tag: "Documentation"
   text: "Analytics on cases"
 ---
@@ -22,8 +22,8 @@ There are two types of correlations:
 ### Configure Correlation
 
 {{< whatsnext desc=" " >}}
-   {{< nextlink href="service_management/events/correlation/patterns" >}}Pattern-based correlation{{< /nextlink >}}
-   {{< nextlink href="service_management/events/correlation/intelligent" >}}Intelligent correlation{{< /nextlink >}}
+   {{< nextlink href="events/correlation/patterns" >}}Pattern-based correlation{{< /nextlink >}}
+   {{< nextlink href="events/correlation/intelligent" >}}Intelligent correlation{{< /nextlink >}}
 {{< /whatsnext >}}
 
 

@@ -3,7 +3,7 @@ title: Intelligent Correlation
 aliases:
 - /service_management/events/correlation/intelligent/
 further_reading:
-- link: "service_management/events/correlation/triage_and_notify"
+- link: "events/correlation/triage_and_notify"
   tag: "Documentation"
   text: "Learn about triaging and notifiying on cases"
 ---
@@ -18,17 +18,17 @@ To get started:
 1. From there you can preview the intelligent correlations that are created from your organization.
 
 
-{{< img src="service_management/events/correlation/intelligent/intelligent_config_updated.png" alt="Configure intelligent correlation" style="width:100%;" >}}
+{{< img src="events/correlation/intelligent/intelligent_config_updated.png" alt="Configure intelligent correlation" style="width:100%;" >}}
 
 
 ## Receiving your first case
 
-{{< img src="service_management/events/correlation/intelligent/intelligent_project.png" alt="Event Management - Intelligent Correlation" style="width:100%;" >}}
+{{< img src="events/correlation/intelligent/intelligent_project.png" alt="Event Management - Intelligent Correlation" style="width:100%;" >}}
 
 When you navigate to [Event Correlations][3], find a project called {{< ui >}}Intelligent Correlation{{< /ui >}}. From this project, you can see the cases created by Intelligent Correlation. 
 
 Intelligent Correlation generates cases automatically after it finds related alerts:
-{{< img src="service_management/events/correlation/intelligent/intelligent_correlation.png" alt="Case detail page of case created from intelligent correlation, showing related alerts in the Investigation tab" style="width:100%;" >}}
+{{< img src="events/correlation/intelligent/intelligent_correlation.png" alt="Case detail page of case created from intelligent correlation, showing related alerts in the Investigation tab" style="width:100%;" >}}
 
 
 

@@ -3,7 +3,7 @@ title: Maintenance Windows
 aliases:
 - /service_management/events/correlation/maintenance_windows/
 further_reading:
-- link: "service_management/events/correlation/"
+- link: "events/correlation/"
   tag: "Documentation"
   text: "Learn about Event Correlation"
 ---

@@ -3,7 +3,7 @@ title: Pattern-based Correlation
 aliases:
 - /service_management/events/correlation/patterns/
 further_reading:
-- link: "service_management/events/correlation/triage_and_notify"
+- link: "events/correlation/triage_and_notify"
   tag: "Documentation"
   text: "Learn about triaging and notifiying on cases"
 ---
@@ -14,7 +14,7 @@ Pattern-based correlation allows you to control how the events are correlated. D
 
 To get you started, Datadog automatically suggests [pattern-based correlations][1] according to your environment. Click any of the recommendations to open the configuration for the recommended pattern. Configuration fields are pre-populated.
 
-{{< img src="service_management/events/correlation/pattern/recommended_patterns_preview.png" alt="Correlation recommended patterns with the preview panel showing potential cases the pattern would create" style="width:100%;" >}}
+{{< img src="events/correlation/pattern/recommended_patterns_preview.png" alt="Correlation recommended patterns with the preview panel showing potential cases the pattern would create" style="width:100%;" >}}
 
 
 ## Create a pattern
@@ -25,7 +25,7 @@ To create a pattern:
 1. You can adjust a suggested pattern by clicking {{< ui >}}+ Continue With Pattern{{< /ui >}}. This takes you to the pre-populated configuration page for additional tuning. Or, you can choose to create your own pattern by clicking {{< ui >}}+ Personalize From Scratch{{< /ui >}}
 
 First, events are deduplicated to alert based on event aggregation key. Then, alerts are correlated to a case based on configuration. 
-{{< img src="service_management/events/correlation/correlation_helper.mp4" alt="When events matches defined sources, filter, they get deduplicated to alerts. Alerts are correlated based on grouping attributes, and its events are de-duplicated withint the defined time window before the process repeats in a new case. You can modify these configuration in settings" video=true >}}
+{{< img src="events/correlation/correlation_helper.mp4" alt="When events matches defined sources, filter, they get deduplicated to alerts. Alerts are correlated based on grouping attributes, and its events are de-duplicated withint the defined time window before the process repeats in a new case. You can modify these configuration in settings" video=true >}}
 For more information on how to sends events with aggregation key, see [send events to datadog][5]. Events without an aggregation key are deduped to one single alert within the timeframe.
 
 ### Suggested patterns
@@ -69,7 +69,7 @@ Preview the possible patterns and cases your configuration would potentially cre
 
 Use this data to preview the impact of your correlations and understand the expected output of a pattern.
 
-{{< img src="service_management/events/correlation/pattern/preview_pattern_output.png" alt="Configuration for pattern-based correlation highlighting the preview panel; panel shows the number of ingested events that match your configuration, how many of those events alert, how much deduplication would occur, and the number of cases that would result." style="width:100%;" >}}
+{{< img src="events/correlation/pattern/preview_pattern_output.png" alt="Configuration for pattern-based correlation highlighting the preview panel; panel shows the number of ingested events that match your configuration, how many of those events alert, how much deduplication would occur, and the number of cases that would result." style="width:100%;" >}}
 
 **Notes**: the default title in the preview case is the first alert in correlation. After you save a pattern, the event management case title is intelligently generated. 
 

@@ -3,20 +3,20 @@ title: Triage and Notify
 aliases:
 - /service_management/events/correlation/triage_and_notify/
 further_reading:
-- link: "service_management/events/correlation/"
+- link: "events/correlation/"
   tag: "Documentation"
   text: "Learn about Event Correlation"
 ---
 
-{{< img src="service_management/events/correlation/triage/triage.png" alt="Case detail page with an event side panel. Investigate correlated events from a case and analyze related metrics" style="width:100%;" >}}
+{{< img src="events/correlation/triage/triage.png" alt="Case detail page with an event side panel. Investigate correlated events from a case and analyze related metrics" style="width:100%;" >}}
 
 Event Management correlates related events and automatically consolidates them into a single case. Bring in all the context of related logs, related metrics, and alerting monitors to triage and troubleshoot issues in one place.
 
 From the [Correlation][1] page, find the pattern you want to analyze and click {{< ui >}}Triage Cases{{< /ui >}} at the end of the same row. You can also click {{< ui >}}Case Management{{< /ui >}} at the top of the page to view all cases with correlated events in [Case Management][2]. Datadog pulls in related metrics and logs so you can troubleshoot issues with all the related data in one place.
 
 ## Event Management Case
 
-{{< img src="service_management/events/correlation/triage/event_management_case_detail.png" alt="Case detail page - Overview" style="width:100%;" >}}
+{{< img src="events/correlation/triage/event_management_case_detail.png" alt="Case detail page - Overview" style="width:100%;" >}}
 
 
 | Feature | Description | 

@@ -13,7 +13,7 @@ further_reading:
   text: "Troubleshoot faster with improved Datadog Events"
 ---
 
-{{< img src="service_management/events/events-explorer.mp4" alt="Sorting events by attributes and exploring analytics" video=true >}}
+{{< img src="events/events-explorer.mp4" alt="Sorting events by attributes and exploring analytics" video=true >}}
 
 Use the Events Explorer to aggregate and view events coming into Datadog. Group or filter events by attribute and graphically represent them with event analytics. Use the query syntax to filter events using Boolean and wildcard operators.
 

@@ -27,13 +27,13 @@ You can export analytics visualizations to create widgets in a dashboard or note
 Use the query to control what's displayed in your Events Analytics:
 
 1. Choose an attribute or tag to graph, and add it as a facet. Graphing a facet displays the unique count of the variable.
-    {{< img src="service_management/events/explorer/facet-to-graph.png" alt="Shows the list of facets that can be graphed." style="width:100%;" >}}
+    {{< img src="events/explorer/facet-to-graph.png" alt="Shows the list of facets that can be graphed." style="width:100%;" >}}
 2. Use a facet to group your graph by. You must add an attribute as a facet to be able to use it here.
-    {{< img src="service_management/events/explorer/split-graph.png" alt="Shows the list of facets that you can group data by." style="width:100%;" >}}
+    {{< img src="events/explorer/split-graph.png" alt="Shows the list of facets that you can group data by." style="width:100%;" >}}
 3. Choose the time interval for your graph. Changing the global timeframe changes the list of available timestep values. You can display the results as a timeseries, table, or top list.
-    {{< img src="service_management/events/explorer/time-interval.png" alt="Shows the list of possible time intervals, including the default, 5 seconds." style="width:100%;" >}}
+    {{< img src="events/explorer/time-interval.png" alt="Shows the list of possible time intervals, including the default, 5 seconds." style="width:100%;" >}}
 4. Choose to display either the top or bottom values according to the selected measure.
-    {{< img src="service_management/events/explorer/display-values.png" alt="Choose to display the values from the top or from the bottom." style="width:100%;" >}}
+    {{< img src="events/explorer/display-values.png" alt="Choose to display the values from the top or from the bottom." style="width:100%;" >}}
 
 ## Further reading
 

@@ -3,7 +3,7 @@ title: Facets
 aliases:
 - /service_management/events/explorer/facets/
 further_reading:
-- link: "service_management/events/explorer/attributes"
+- link: "events/explorer/attributes"
   tag: "Documentation"
   text: "Learn about reserved attributes"
 ---
@@ -14,7 +14,7 @@ By default, Datadog indexes event attributes as facets. Facets are accessible fr
 
 A facet displays the distinct members of an attribute or a tag and provides basic analytics, such as the number of events represented. Facets allow you to pivot or filter your datasets based on a given attribute. To filter, select the values that you want to see.
 
-{{< img src="service_management/events/explorer/facets-location.png" alt="Facets side-panel" style="width:100%;" >}}
+{{< img src="events/explorer/facets-location.png" alt="Facets side-panel" style="width:100%;" >}}
 
 ### Create a facet
 

@@ -4,7 +4,7 @@ aliases:
 - /service_management/events/explorer/navigate/
 ---
 
-{{< img src="service_management/events/explorer/navigate.png" alt="How to navigate the Events Explorer" style="width:100%;" >}}
+{{< img src="events/explorer/navigate.png" alt="How to navigate the Events Explorer" style="width:100%;" >}}
 
 ## Overview
 
@@ -16,7 +16,7 @@ Click any event in the Events Explorer to open the event side panel, which shows
 
 ### Attributes tab
 
-{{< img src="service_management/events/explorer/event-attribute.png" alt="An example Event Attributes tab" style="width:100%;" >}}
+{{< img src="events/explorer/event-attribute.png" alt="An example Event Attributes tab" style="width:100%;" >}}
 
 The {{< ui >}}Attributes{{< /ui >}} tab of the side panel lists event attributes as JSON. Click an attribute to add it to or exclude it from the existing query, or to add a column for this attribute.
 

@@ -44,18 +44,18 @@ The Events Explorer displays the most recent events generated by your infrastruc
 
 ### Event Analytics
 
-{{< img src="service_management/events/events-analytics.png" alt="Events Analytics display filtered by 'source:cloudtrail'" >}}
+{{< img src="events/events-analytics.png" alt="Events Analytics display filtered by 'source:cloudtrail'" >}}
 
 In addition to viewing and searching events in the Explorer, you can now graph as a timeseries, top list or table and group the number of events for a given query. See [Event Analytics][2] to learn more.
 
 You may also [generate metrics][3] with 15-month retention from any event search query to create monitors and alerts based on historical events.
 
-{{< img src="service_management/events/generate-metrics.png" alt="Image of metrics with the events search query." >}}
+{{< img src="events/guides/usage/generate-metrics.png" alt="Image of metrics with the events search query." >}}
 
 
 ### Graph events in dashboards
 
-{{< img src="service_management/events/graph-events.png" alt="Events Analytics">}}
+{{< img src="events/graph-events.png" alt="Events Analytics">}}
 
 You can now graph events for a given query inside your dashboards as a timeseries graph, query value, top list, table and more.
 
@@ -67,7 +67,7 @@ Event monitors have been ported to use the same standardized set of features as
 
 When you create event monitors, the new query search field uses autocomplete, rather than the legacy fill-in-the-blank query.
 
-{{< img src="service_management/events/guides/events-migration-monitor-new.png" alt="New UI for monitor query syntax" style="width:100%;" >}}
+{{< img src="events/guides/events-migration-monitor-new.png" alt="New UI for monitor query syntax" style="width:100%;" >}}
 
 The new query search allows you to use complex queries in event monitors with new capabilities such as Boolean operators or wildcards.
 

@@ -16,7 +16,7 @@ further_reading:
 
 [Generate metrics][5] with 15-month retention from any event search query to create and monitor historical events and alerts. Events ingested with a timestamp within the past 20 minutes are considered for aggregation. For more information, see [Event Analytics][6].
 
-{{< img src="service_management/events/guides/usage/generate-metrics.png" alt="Image of metrics with the events search query." >}}
+{{< img src="events/guides/usage/generate-metrics.png" alt="Image of metrics with the events search query." >}}
 
 ## Examples of what to do with events
 
@@ -26,13 +26,13 @@ Use the [Events Explorer][7] to aggregate and view events coming into Datadog. G
 
 ### Dashboards
 
-{{< img src="service_management/events/guides/usage/events-dashboard.mp4" alt="A graph widget that uses events as the source" video=true >}}
+{{< img src="events/guides/usage/events-dashboard.mp4" alt="A graph widget that uses events as the source" video=true >}}
 
 You can use events as a data source in [graph widgets][8] to build timeseries, tables, and top list widgets of your event search queries. For example, the [Monitor Notifications Overview][9] dashboard analyzes monitor alert event trends to help you improve your configuration and reduce alert fatigue.
 
 #### Overlays 
 
-{{< img src="service_management/events/guides/usage/event_overlays.png" alt="Option to view event overlays on an example dashboard" style="width:100%;" >}}
+{{< img src="events/guides/usage/event_overlays.png" alt="Option to view event overlays on an example dashboard" style="width:100%;" >}}
 
 Overlays visualize corresponding events on top of your graphs. Use the Dashboard [Event Overlays][10] feature to identify when a recent change is causing performance issues within your application or services and find the source of the problem. 
 

@@ -10,7 +10,7 @@ description: Create custom grok rules to parse the full message or specific attr
 Create custom grok rules to parse the full message or a specific attribute of your raw event. As a best practice, it is recommended to use at most 10 parsing rules within a grok processor.
 
 
-{{< img src="service_management/events/grok-parser.png" alt="Parsing example 1" style="width:80%;">}}
+{{< img src="events/grok-parser.png" alt="Parsing example 1" style="width:80%;">}}
 
 
 Click {{< ui >}}Parse My Events{{< /ui >}} to kickstart a set of three parsing rules for the events flowing through the underlying pipeline. Refine attribute naming from there, and add new rules for other type of events if needed. This feature requires that the corresponding events are being indexed, and actually flowing in—you can temporarily deactivate or sample down exclusion filters to make this work for you.