# Incident Status Based Deduplication
Incident Status Based Deduplication works on the logic that all alerts that come in for a Service are related to the same issue. So, if there is an open incident for a Service - that is, the incident is in the `Triggered` or `Acknowledged` state, **all** incidents that come in for this Service will get deduplicated against the existing, open incident within the specified time window.
## Prerequisites
* The User Role associated with the user in the Team must have required permissions to manage Services (ability to manage Deduplication Rules).
{% hint style="warning" %} **Important:**\
Automation rule CRUD operations have a 5-minute caching delay before changes take effect.
{% endhint %}
## Enabling the Incident Status-Based Deduplication
1. Navigate to **Services** -> **Service Overview** -> select or search for your desired service.
2. On the extreme right, expand the accordion -> In the **Automation** section, **View All**
3. In the **Automation Rules** section, **Add Deduplication Rules**
4. Select an **Alert Source** from the drop-down -> **Add New Rule**
5. Incident Status Based Deduplication Rules can be added in two ways:
### (a) **UI-based Rule Builder (Beginner-friendly)**
1. Create a rule specifying the **Label** as `past_incident["is_suppressed"]`, **Condition** as `==` and **Value** as `False`.
2. Add an appropriate deduplication time window.
3. Click on **Save Rule** to complete.
{% hint style="info" %}
The key of the Tag label, "tag key" can only contain letters (both lowercase and uppercase) and numbers. Anything else will be ignored.
{% endhint %}
{% hint style="info" %}
The maximum time allowed for deduplication is **48 hours**.
{% endhint %}
{% hint style="info" %}
**Note**: The search option under payload is not a free search, we have to search by JSON format, for example, type in payload.annotations to get annotations.
\
We also have an option for click-to search, wherein you can click on the keys in the payload to get their required values.
{% endhint %}
### (b) **Raw String Method**
{% hint style="info" %}
Once you opt for the Raw String method for a rule, you cannot revert to the UI-based Rule Builder method.
{% endhint %}
1. You can copy and paste the rule below and change the Rule Execution Priority accordingly.
2\. Add an appropriate deduplication time window.
3\. Click on **Save Rule** to complete.
{% hint style="info" %}
The maximum time allowed for deduplication is **48 hours**.
{% endhint %}
## FAQs
1\. I have added the Deduplication Rule `past_incident.is_suppressed == false` manually to an existing Service to deduplicate all alerts against any open incident for the Service. Nevertheless, I do not see Incident Status Based Deduplication taking place as expected. What am I missing?
Once the Deduplication Rule `past_incident.is_suppressed == false` is added manually to an existing Service, please move the rule `up` or `down` based on the Rule Execution Priority you wish to have. If you do not want any of your other Deduplication Rules to be executed for the Service, move the newly added Deduplication Rule to the top of the list of rules.
*Have any questions?* [*Ask the community*](https://community.squadcast.com/view/home)*.*
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://support.squadcast.com/services/alert-deduplication-rules/incident-status-based-deduplication.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.