Question on the new Incident Settings page in Analytics rule creation

Looking at this new page I see there is a setting where you can enable or disable the creation of Incidents from this analytics rule.  Why would you do that?  Isn't the purpose of an alert to create an Incident?

Is this something along the lines that you may not care about the actual alert (like when a new account is created) but you want it out there for Machine Learning to use?

On a side note, it kind of sucks that I had to stumble on this.  I have not found any sort of announcement of this new functionality anywhere.

1 Reply

@Gary Bushey I have the opposite problem that a rule (a default one it seems) does not produce accurate results and thus generates a lot of 'false positive incidents' that skew my newly created PowerBi inc dashboard :)

About the alerts - incident relationship. I had some past experience on Arcsight/Logrhythm where we wanted to generate alerts but not immediately report them to analysts via tickets but rather use alerts in other analytics rules, if that makes sense. Or have an alert rule in 'test/dev' mode without generating incidents.

I agree on the notification part. It would be great to have some 'release notes' banner/button/page on the portal to skim through new changes. All (cloud) products change so fast it's really hard to keep up with all 'unannounced changes'.
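The two uses the reply describes (an alert that only feeds other rules, and a rule running without opening tickets) as an added example that is not from this thread or from Microsoft's own rule templates: an ARM template with one scheduled Sentinel rule whose incidentConfiguration has createIncident turned off, and a second rule that reads the first rule's alerts from the SecurityAlert table and does open an incident when they cluster. The workspace parameter, rule names, the Windows EventID 4720 query and the threshold of 10 alerts per day are constructed assumptions.

```json
{
  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "metadata": {
    "comments": "Added illustration for the forum thread, not a vendor template. Rule names, query, apiVersion and threshold are assumed."
  },
  "parameters": { "workspace": { "type": "string" } },
  "resources": [
    {
      "type": "Microsoft.OperationalInsights/workspaces/providers/alertRules",
      "apiVersion": "2021-10-01",
      "name": "[concat(parameters('workspace'), '/Microsoft.SecurityInsights/signal-new-account')]",
      "kind": "Scheduled",
      "properties": {
        "displayName": "Signal only: new user account created",
        "enabled": true,
        "severity": "Informational",
        "query": "SecurityEvent\n| where EventID == 4720\n| project TimeGenerated, Computer, TargetAccount, SubjectUserName",
        "queryFrequency": "PT1H",
        "queryPeriod": "PT1H",
        "triggerOperator": "GreaterThan",
        "triggerThreshold": 0,
        "suppressionEnabled": false,
        "suppressionDuration": "PT1H",
        "incidentConfiguration": { "createIncident": false }
      }
    },
    {
      "type": "Microsoft.OperationalInsights/workspaces/providers/alertRules",
      "apiVersion": "2021-10-01",
      "name": "[concat(parameters('workspace'), '/Microsoft.SecurityInsights/burst-of-new-accounts')]",
      "kind": "Scheduled",
      "properties": {
        "displayName": "Burst of new account creations (built on signal-only alerts)",
        "enabled": true,
        "severity": "Medium",
        "query": "SecurityAlert\n| where ProviderName == 'ASI Scheduled Alerts'\n| where AlertName == 'Signal only: new user account created'\n| summarize AlertCount = count(), FirstSeen = min(TimeGenerated), LastSeen = max(TimeGenerated)\n| where AlertCount > 10",
        "queryFrequency": "PT1H",
        "queryPeriod": "P1D",
        "triggerOperator": "GreaterThan",
        "triggerThreshold": 0,
        "suppressionEnabled": false,
        "suppressionDuration": "PT1H",
        "incidentConfiguration": { "createIncident": true }
      }
    }
  ]
}
```

The first rule still writes a row to SecurityAlert on every match, so its output remains available to queries, workbooks and other rules without an analyst ever seeing a ticket for it.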