Unfortunately, for now you can't specify escalation rules inside a group based on alert's properties.
To set up different escalation time, based on server IP (name or other 'object' properties), you need to create two groups. In one of them, escalation will take 10 min, in another one - 20 min.
Next you'll have to go to Settings -> Manage Orion Sources and set up routing to groups in the next way:
- by default they'll routed to Group1, where escalation is 20 min (not critical)
- in case 'object' contains the name of your Critical sever (s), alert will be routed to Group 2 and escalation will be 10 min.
I agree with Olha, that I don't think it would be possible in same alert.
Another solution would be just to add a custom property to the servers (critical, non-critical). Then just make a copy of existing alert, edit each alert and add custom property to identify the server in question. Then have escalations on each alert set to what you are wanting (10 mins, 20 mins).
Hope this helps
Anthony, we use custom properties to achieve this in our environment. The custom property is called Technology_Group_Email, and it can contain a single address or multiple addresses. Basically what we do is, if a node is down the alert will trigger. If the alert is not acknowledged within a certain amount of time (10min) then our other rule which is delayed (10min) will grab the email addresses within the custom property and send to everyone on the list. Hope this helps!