The purpose of this page is to describe the various alert notification integrations Mezmo has to offer.
Alerts send out alert notifications to the specified notification channel(s) whenever a log line with specific content appears in that alert's associated View. A bell icon is also displayed to the right of the View name to indicate that this View has an alert attached to it. While most alerts are for a specific View (known as a view-specific alert), you can also define a preset. A preset is an alert template that you can attach to any number of views.
There are two types of alerts you can set on a view.
- Presence Alerts notify you when there are more than the number of matches of your query within a set time frame.
- Absence Alerts notify you when your logs start showing fewer lines than what is expected. This is useful when you want to be alerted for inactivity in your system. To avoid excessive alerts, absence alerts notifications are paused after 24 hours of not receiving logs and should reset after receiving new logs on a particular view.
You can configure any of the following conditions for an alert:
Time frequency: Specify how often to trigger an alert. Valid values are: 30 seconds, 1 minute, 5 minutes, 15 minutes, 30 minutes, 1 hour, 6 hours, 12 hours, 24 hours. 25 hours
Log lines counter: Specify the number of log lines that match the view's filtering and search criteria. When the number of log lines is reached, an alert is triggered. You can decide whether both conditions are checked or only one. If both conditions are set, an alert is triggered when any of the thresholds is reached.
For example, you can configure an alert that is triggered after 30 seconds, or when a 1000 log lines that match the view's filtering and search criteria are collected.
You can configure multiple alert notification channels. Valid channels are:
Also check out our video on how to save a view to create alerts:
You can configure one or more email addresses.
You can configure a slack channel to deliver alerts to.
You can configure a webhook URL.
You can configure connection details to your PagerDuty system, and select a service.
You can configure the API key to connect to your OpsGenie system.
You can configure the API key to connect to your Datadog system.
You can configure the API key to connect to your AppOptics/Librato system.
You can configure the URL to notify when an alert is triggered, the routing key, and an alert type. Valid alert types are: info, warning, critical.
Time to take effect
Allow up to 15 minutes after an alert is created or modified for it to take effect.
- Perform any search queries and set the sources, apps, and/or log level filters to create the desired conditions you'd like to set an alert on.
- Click the
Unsaved Viewbutton in the top left and select
Save as New View/Alert.
- Name your new view and select a category for it. An alert can also be attached here, with the instructions below.
- Click the arrow icon beside the name of an existing view to display the drop-down menu.
- Select Attach an alert from the drop-down menu.
- Select a preset alert or build your own. You can send an email, Slack, Webhook, Pager Duty, OpsGene, Datadog, AppOptics/Librato, VictorOps alert. It is also possible to send alerts to multiple channels by clicking the plus button above the alert channel options until you have added the desired number of alert channels.
- Set your threshold alerting parameters (e.g. alert immediately when the 20th match appears within 5 minutes, alert at the end of 5 minutes when 20 or more matches appear).
- Configure your alert notification channels.
- Click Save Alert.
Note: There may be a delay of up to 2 minutes before the alert takes effect.
You can define one or more notification channels to a view-specific alert. You can mute alerts. You can detach alerts from a view.
- Select the
Settingsicon in the main menu
Add a preset alert.
- Choose a notification channel.
- Define the threshold conditions.
Select a time frequency. For example, 12 hours.
Enter the number of log lines after which you want the alert to trigger.
Select whether you want both conditions to be checked or just one.
- Add the details for the notification channel that you have chosen.
For example, for the email notification channel, add one or more recipients, and optionally a time zone.
Complete the following steps to delete a preset:
- Select the
Settingsicon in the main menu
- Hover the mouse over the edit button of the preset that you want to delete. The delete option shows.
- Confirm that you want to delete the preset. Click
When receiving email alerts, there is an option in the email to mute the alert for the time period desired. Clicking on one of the links in the UI (shown below) will redirect you to alerts settings.
Updated 9 months ago