Alert Rules: Fields and Actions

An Alert Rule consists of a set of conditions operating on the available alert fields, and a set of actions to be executed when the conditions are met.

Alert Fields

The following fields can be used to build your alert rules:

| Alert Field | Description |
| --- | --- |
| Alert Type | The class of the alert received. Includes Critical, Acknowledged, Resolved, Error, Warning and Info. |
| Incident Urgency | The urgency of the incident. Can be high or low. |
| Message | Title of the alert. |
| Summary | Summary of the alert as generated by Zenduty. |
| Alert Time (UTC) | Time when the alert was received. |
| Alert Date (UTC) | Date when the alert was received. |
| Day of Week | Day of the week on which the alert was received. |
| Entity ID | Unique identifier used to group alerts together into a single incident. |
| Seconds since last similar incident | Seconds since the last incident with similar identifiers. Useful for suppressing noise when multiple similar incidents start getting triggered. |
| Payload (Value Match) | Match a particular key's value from the alert payload against a given pattern. |
| Payload (Key Search) | Search the payload for the existence of a particular key. |
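
The following is an added example, not Zenduty's own code: a local Python model of how conditions on Entity ID, Seconds since last similar incident, Payload (Value Match) and Payload (Key Search) can combine into a noise-suppression rule. Dotted key paths, regex matching, the 300-second window and the names `entity_id`, `received_utc` and `host.env` are assumptions made for illustration.

```python
import re
from datetime import datetime, timedelta, timezone

def lookup(payload, dotted_key):
    """Walk a nested payload by dotted key path; return (found, value)."""
    node = payload
    for part in dotted_key.split("."):
        if not isinstance(node, dict) or part not in node:
            return False, None
        node = node[part]
    return True, node

def payload_key_search(payload, dotted_key):
    return lookup(payload, dotted_key)[0]  # Key Search: existence only

def payload_value_match(payload, dotted_key, pattern):
    found, value = lookup(payload, dotted_key)  # Value Match: exists AND matches
    return found and re.fullmatch(pattern, str(value)) is not None

class SimilarIncidentTracker:
    def __init__(self):
        self.last_seen = {}  # Entity ID -> time the last similar alert arrived
    def seconds_since_last(self, entity_id, now):
        prev = self.last_seen.get(entity_id)
        self.last_seen[entity_id] = now
        return None if prev is None else (now - prev).total_seconds()

def is_noise(alert, tracker, window_seconds=300):
    # Noise only if it repeats inside the window AND host.env is non-production.
    # A missing key never matches, so a malformed alert is not silenced.
    since = tracker.seconds_since_last(alert["entity_id"], alert["received_utc"])
    return (since is not None and since < window_seconds
            and payload_value_match(alert["payload"], "host.env", r"dev|staging"))

T0 = datetime(2023, 1, 1, tzinfo=timezone.utc)  # constructed sample data
def sample(offset, payload):
    return {"entity_id": "disk-42", "received_utc": T0 + timedelta(seconds=offset), "payload": payload}

SAMPLE_ALERTS = [
    sample(0, {"host": {"env": "staging"}}),       # first occurrence
    sample(60, {"host": {"env": "staging"}}),      # repeat in window
    sample(120, {"host": {"env": "production"}}),  # value does not match
    sample(130, {"source": "agent"}),              # key missing
    sample(900, {"host": {"env": "staging"}}),     # outside the window
]

def classify(alerts):
    tracker = SimilarIncidentTracker()
    return [is_noise(a, tracker) for a in alerts]
```

Only the second sample alert is classified as noise; the production alert, the alert without the key and the late repeat all pass through.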

Actions

The following actions can be triggered when a rule is matched on an incoming alert -


Copyright © 2023 Zenduty