Global event correlation is a nice feature that helps to suppress unnecessary alerts. However, Zabbix has to do more on problem deduplication, and event correlation could be used for this purpose.

For the moment, global event correlation can only close old or new events, and when some events are closed, the open ones do not include any information about the others. Extending event correlation in allowing still open events to reference the others would be useful for problem deduplication and noise reduction.

Imagine for example a disk latency trigger positioned on all our servers. If for a reason the SAN or disk array experiences performance issues, this would trigger hundreds of alerts for hundreds of servers. With global event correlation, we could correlate these events, close the new ones and only keep the first event. However this means that only one event appears in the dashboard, with no information about the other servers. In the same way, only one notification is sent (for example one email), but it doesn't mention the other problems. This is good to avoid alert storms, but the support teams wouldn't be informed that a global issue is happening.