Entity types
Notification Center sends notifications based on entity types. An entity type is a Coralogix component that can generate a notification request, such as an alert or a case. Each entity type contains one or more entity subtypes, which define the structure and schema of its notifications.
Notification Center currently supports two entity types: Alerts and Cases.
Work with alert entities
Alert entities generate notifications when alert conditions are met. Each alert subtype defines the schema used to format the notification.
Supported alert subtypes
| Source | Type | Condition | Status | Description |
|---|---|---|---|---|
| Logs | LOGS_IMMEDIATE | — | Triggered / Resolved | Alert immediately when a log of interest is detected. Docs |
| Logs | LOGS_THRESHOLD | More than / Less than | Triggered / Resolved | Alert when the sum of logs crosses a predefined threshold. Docs |
| Logs | LOGS_RATIO_THRESHOLD | More than / Less than | Triggered / Resolved | Alert when the ratio between two log queries reaches a set threshold. Docs |
| Logs | LOGS_TIME_RELATIVE_THRESHOLD | More than / Less than | Triggered / Resolved | Alerts when a fixed ratio reaches a set threshold compared to a past time frame. Docs |
| Logs | LOGS_ANOMALY | More than usual | Triggered / Resolved | Alert when a log crosses an AI-generated baseline. Docs |
| Logs | LOGS_NEW_VALUE | — | Triggered | Alert on a newly detected value in a time series. Docs |
| Logs | LOGS_UNIQUE_COUNT | More than | Triggered | Alert based on a unique value count per key. Docs |
| Metrics | METRIC_THRESHOLD | More than / Less than / More than or equals / Less than or equals | Triggered / Resolved | Alert when a metric crosses a predefined threshold. Docs |
| Metrics | METRIC_ANOMALY | More than usual / Less than usual/ | Triggered /Resolved | Alert when a metric crosses an AI-generated baseline. Docs |
| Tracing | TRACING_IMMEDIATE | — | Triggered | Alert immediately when span duration exceeds a set latency. Docs |
| Tracing | TRACING_THRESHOLD | More than | Triggered | Alert when trace latency crosses a predefined threshold. Docs |
| Flow | FLOW | — | Triggered / Resolved | Alert when any combination of alerts occur in a specific sequence within a defined timeframe. Docs |
All supported alert subtypes, including EntityType and EntitySubType, are listed in the Alerts API
Access alert schema references
- General reference
- Context reference: Describes the
_contextvariable for metadata such as trigger details.
See Dynamic templating
Work with case entities
Case entities track and manage correlated events in Coralogix. Like alerts, they can generate notifications through Notification Center.
Supported case subtypes
| Entity | Subtype | Status | Description |
|---|---|---|---|
| Cases | CREATED | OPEN | A case has been created and is open. |
| Cases | ACTIVE | OPEN | The case is active and remains open. |
| Cases | ACTIVE | ACKNOWLEDGED | The case has been acknowledged. |
| Cases | RESOLVED | CLOSED | The case is resolved and closed, with optional resolution metadata. |
All supported case subtypes are listed in the Cases API.
Access case schema references
- General reference: Alert Schema
- Context reference: Describes the
_contextvariable for case notifications.
See Dynamic templating
Next steps
- Destination types See which third-party tools you can send notifications to
- Routing: Learn how routing labels and rules determine notification delivery
- Connectors: Set up integrations for Slack, PagerDuty, and HTTPS endpoints
- Presets: Configure and customize message templates