User-defined alerts in Coralogix give you real-time insights based on criteria of your own choosing. Setting one up is a simple process that gives you full flexibility, advanced alerting options, and real-time push notifications to your preferred communication channel.
1) From the main dashboard, open the logs tab:
2) Perform a query to filter the logs that will be returned as part of the alert. You may use a combination of the query input or the filters on the left side panel. For additional information about how to query logs see here:
3) When you have the right log results, click on the “Create Alert” button. The alert configuration window will now open.
4) In the Details section, you need to fill in General alert params: Define Name, Alert description, and Alert Severity.
Note: With the Slack integration, the following tag options are supported when you add them to the description: <@member_id>, <!here>, <!channel>
5) In the Query section, you will see the query that you entered in the logs screen. You can click the Edit button if you need to change the query.
6) In the Condition section, you set the conditions for triggering the alert: whether you want the alert to trigger immediately, to define a rule for ‘More/Less’ occurrences within a specified time window, or to use our new ‘more than usual’ anomaly detection option.
If you set up the second ‘Group by’ it will look like this in Coralogix:
7) In the Recipients section, you choose who you want to be notified. It could be an e-mail address, a Slack room, a custom webhook, or all of them.
8) In the Schedule section, you can keep the alert always active or limit triggering to certain days and hours.
9) In the Notification Content section, you can choose what portion of the log you want to see when notified, ‘Full Log Text’ to be shown with the entire log or ‘Specific JSON Key’ to be shown with a specific key and its value (you can add multiple keys).
10) In the Verify Alert section, you can check how many times the alert would match the criteria in the last 24 hours.
11) In the History section, you can see which user performed a change in the alert and when.
12) The final step is to click on the ‘Create alert’ button on the upper-right side of the screen. You’re all set! Now you can view your alerts.
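To make the ‘More than’ condition from step 6 and the 24-hour match count from step 10 concrete, here is an added illustration (not Coralogix code, and not a description of how the platform evaluates alerts internally). The `backtest` function, the `host` field, the sample events, and the re-arm-after-trigger behaviour are all assumptions made for the example; it shows how the same logs trigger differently with and without a ‘Group by’ key.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

def backtest(events, threshold, window, group_by=None, now=None,
             lookback=timedelta(hours=24)):
    """Replay (timestamp, fields) log events and return the (group, time)
    pairs at which a 'more than `threshold` within `window`' rule fires."""
    if not events:
        return []
    now = now or max(ts for ts, _ in events)
    recent = defaultdict(deque)   # group value -> timestamps still in window
    fired = []
    for ts, fields in sorted(events, key=lambda e: e[0]):
        if not (now - lookback <= ts <= now):
            continue              # outside the 24-hour verification range
        group = fields.get(group_by) if group_by else None
        q = recent[group]
        q.append(ts)
        while ts - q[0] > window:  # drop matches older than the window
            q.popleft()
        if len(q) > threshold:
            fired.append((group, ts))
            q.clear()             # assumption: re-arm after each trigger
    return fired

# Constructed sample: failed-login logs already filtered by the alert query.
BASE = datetime(2024, 1, 1, 12, 0)
NOW = BASE + timedelta(hours=1)
EVENTS = (
    [(BASE + timedelta(minutes=m), {"host": "web-1"}) for m in range(6)]
    + [(BASE + timedelta(minutes=m), {"host": "web-2"}) for m in (0, 20, 40)]
    + [(BASE - timedelta(hours=30), {"host": "web-1"})]  # older than 24 h
)

if __name__ == "__main__":
    rule = dict(threshold=5, window=timedelta(minutes=10), now=NOW)
    print("grouped by host:", backtest(EVENTS, group_by="host", **rule))
    print("no group by:   ", backtest(EVENTS, **rule))
```

Running a replay like this against exported logs before saving an alert helps pick a threshold that neither floods recipients nor stays silent.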
The ‘Alert logs’ view within the ‘Insights’ tab shows the logs which triggered the alert:
The ‘Logs’ view within the ‘Insights’ tab shows all the logs prior to and after the alert was triggered, with the triggered alert itself highlighted:
Snoozing alerts is meant for cases where the alert was triggered and handled, and there’s no need for further notifications while you are focused on resolving the issue.
Snooze or disable snooze
Snoozed alert tooltip: