As data volumes grow and the amount of alerts generated by logs, metrics, and security systems exponentially increase, one of the most powerful indicators of an alert importance is the number of elements affected by it. Whether it’s the number of users who have encountered a 5XX error when calling an API, the number of Kafka consumer groups that returned errors, the number of CDN locations that are currently loading your site at more than 3 seconds, or the number of different passwords that a single user attempts to login with to your cloud service console.
The problem with most alerts, is that they describe the problem, though in order to understand the severity or broadness of the issue, users need to drill into the data or rely on dashboards.
Unique Count Alert, alerts on the number of unique values inside a selected key that match a specific search criteria (AKA – The Cardinality of a specific key matched to a search).
Defining Coralogix Unique Count Alerts is simple:
- Choose “Unique Count Alert” in the Coralogix alerts creation panel
- Define your alert search criteria:
- Define the key to match to track unique count:
- Once triggered, the alert will display the behavior of unique count per the selected key that match search criteria, and list all the unique values that were discovered within the tracked key.
Like all alerts in Coralogix, Unique Value Alerts work without you having to store or index any of your logs, data is tracked and analyzed before stored. This allows you to get real-time and smart alerting without the costs of storage and reduce your observability costs by 70%.
Chat with us for any question, we answer in less than 2 minutes.