As data volumes grow and the number of alerts generated by logs, metrics, and security systems exponentially increases, one of the most powerful indicators of an alert's importance is the number of elements affected by it. Examples include the number of users who have encountered a 5XX error when calling an API, the number of Kafka consumer groups that returned errors, the number of CDN locations that are currently loading your site for more than 3 seconds, or the number of different passwords that a single user attempts to log in with to your cloud service console.
The problem with most alerts is that they describe the problem but, to understand the severity or breadth of the issue, users need to drill into the data or rely on dashboards.
Unique Count alerts trigger on the number of unique values of a selected key in logs that match specific search criteria (in other words, the cardinality of a specific key matched to a search).
STEP 1. Create an Alert.
STEP 2. Define Alert Details.
key:value
Set as Security Alert. Check this option to create an alert related to Coralogix Security solutions.
STEP 3. Select Alert Type: UNIQUE COUNT.
STEP 4. Define your alert search criteria.
STEP 5. Define Conditions.
Note: The total amount of permutations for the unique count by key and group by key should not exceed 10k for the alert timeframe.
STEP 6. Define Notification Groups.
STEP 7. Set a Schedule. Limit triggering to specific days and times.
STEP 8. Define Notification Content:
STEP 9. Create your alert.
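The following is an added example, not Coralogix code, that reproduces the unique count logic described above for the password case: it counts distinct attempted-password fingerprints per user among failed logins inside the alert timeframe. The event fields (`ts`, `action`, `user`, `pw_fp`), the "more than" condition, and raising an error when the 10k permutation limit is exceeded are assumptions made for illustration.

```python
from collections import defaultdict

MAX_PERMUTATIONS = 10_000  # limit stated in the note above

# Constructed sample events (not real logs). "pw_fp" is an assumed field:
# a keyed fingerprint of the attempted password, never the password itself.
EVENTS = [
    {"ts": 100, "action": "login_failed", "user": "alice", "pw_fp": "a1"},
    {"ts": 130, "action": "login_failed", "user": "alice", "pw_fp": "b2"},
    {"ts": 150, "action": "login_failed", "user": "alice", "pw_fp": "b2"},
    {"ts": 170, "action": "login_failed", "user": "alice", "pw_fp": "c3"},
    {"ts": 180, "action": "login_failed", "user": "alice", "pw_fp": "d4"},
    {"ts": 160, "action": "login_failed", "user": "bob", "pw_fp": "z9"},
    {"ts": 165, "action": "login_failed", "user": "bob", "pw_fp": "z9"},
    {"ts": 175, "action": "login_ok", "user": "bob", "pw_fp": "y8"},
    {"ts": 10, "action": "login_failed", "user": "carol", "pw_fp": "q1"},
]


def unique_count_alert(events, match, unique_key, group_key, threshold,
                       now, window, max_permutations=MAX_PERMUTATIONS):
    """Return {group: distinct_count} for groups whose count exceeds threshold."""
    seen = defaultdict(set)
    for ev in events:
        if not (now - window < ev["ts"] <= now):
            continue  # outside the alert timeframe
        if not match(ev):
            continue  # does not meet the search criteria
        if unique_key not in ev or group_key not in ev:
            continue  # a missing key cannot contribute a value
        seen[ev[group_key]].add(ev[unique_key])
    permutations = sum(len(values) for values in seen.values())
    if permutations > max_permutations:
        raise ValueError(f"{permutations} group/value permutations exceed limit")
    return {g: len(v) for g, v in seen.items() if len(v) > threshold}


def demo():
    return unique_count_alert(
        EVENTS, lambda ev: ev["action"] == "login_failed",
        unique_key="pw_fp", group_key="user", threshold=3, now=200, window=120)


if __name__ == "__main__":
    print(demo())
```

Repeated attempts with the same value (alice's second `b2`) do not raise the count, which is what separates a unique count condition from a plain event count.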