Duplicate incidents are getting generated.

L7.discardDuplicateMessages was set to false.  Default is true.  If true, the Monitor ignores duplicate messages based on the messageID.

Login to the Enforce Console.

Go to Servers--> Overview and then select the effected Detection Server.

Then go to 'Server Settings' page of the Detection Server.

You will find that the value of "L7.discardDuplicateMessages" is set to "false".

Change the value to "true" and then click Save.

Then recycle the services of Detection Server.

Now you will find that the duplicate incidents will stop getting generated and you will have only one incident for each detection.