Champion
Moderatorteppotahkapaa​ We do not publish our database schemas, though we recognize many do like to explore. The event_insight database supports the Event Insights page found in Skylar One via Events > Event Insights and these metrics are Skylar One organization aware. By default the Event Insights page will display aggregate across all Organizations to which the viewing user has visibility, but may be filtered to a subset (down to a minimum of 1) using the filter icon in the top-right found next to the time frame selector.
That said, I can tell you that alert_type corresponds to the source type of the alert (e.g. Internal, Dynamic App, SNMP Trap, etc...) and alert_category is tagging used as a marker for various outcomes of the alert (e.g. event object was created, alert didn't match to an Skylar One entity, etc...). Again these are utilized to drive informational statistics within the available Event Insights page.
Would you be up for sharing the outcome(s) and/or decision(s) to which you're seeking to address with this information and the "why" behind them? These may be shared questions by other users and aid us in understanding growth needs for our Event Insights feature in the future.
