All Products
Search
Document Center

Simple Log Service:Create an alert policy

Last Updated:Nov 22, 2023

If an alert is triggered by an alert monitoring rule, Simple Log Service merges or silences the alert based on the alert policy that is used by the alert monitoring rule. This topic describes how to create an alert policy.

Procedure

  1. Log on to the Simple Log Service console.

  2. Go to the Alert Policy tab.

    1. In the Projects section, click a project.

    2. In the left-side navigation pane, click Alerts.

    3. On the Alert Center page, choose Notification Policy > Alert Policy.

  3. On the Alert Policy tab, click Create.

  4. In the Add Policy dialog box, configure the following parameters and click OK.

    Parameter

    Description

    ID

    The ID of the alert policy. The ID must be unique.

    Name

    The name of the alert policy.

    Route and Merge Policy

    The policy that is used to merge alerts. You can configure a merge policy to merge a large number of identical alerts that are triggered into an alert set. Simple Log Service considers an alert set as a single alert when Simple Log Service sends alert notifications. For more information, see Route and Merge Policy.

    Silence Policy

    The policy that is used to silence alerts. You can configure a silence policy to prevent Simple Log Service from sending notifications for alerts that match specified conditions in a silence period. For more information, see Silence Policy.

Route and Merge Policy

You can configure a merge policy to merge a large number of identical alerts that are triggered into an alert set. You can specify conditions to match alerts in the Condition node and configure rules to merge alerts in the Merge Alerts node.

Configuration description

  1. On the Route and Merge Policy tab, click the 条件 icon.

  2. Specify conditions to match alerts.

    条件

  3. Configure rules to merge alerts.

    分组合并

    Parameter

    Description

    Merge by

    Select a standard based on which Simple Log Service merges alerts. Valid values:

    • Alert ID and All Labels: If you select this option, Simple Log Service merges the alerts that are triggered by the same alert monitoring rule and have the same labels into an alert set.

    • Alert ID: If you select this option, Simple Log Service merges the alerts that are triggered by the same alert monitoring rule into an alert set.

    • Alert Project: If you select this option, Simple Log Service merges the alerts that belong to the same project into an alert set.

    • Alert Project and Severity: If you select this option, Simple Log Service merges the alerts that belong to the same project and have the same alert severity into an alert set.

    • Alert Project and All Labels: If you select this option, Simple Log Service merges the alerts that belong to the same project and have the same labels into an alert set.

    • Custom: If you select this option, Simple Log Service merges alerts based on the attributes that you specify. The attributes include the IDs of Alibaba Cloud accounts, IDs of alert monitoring rules, and alert titles.

    Action Policy

    Select the action policy that you want to use.

    Note

    You can specify an action policy when you create a merge policy. You can also specify an action policy when you create an alert monitoring rule.

    • If you select Dynamic Action Policy, the action policy that you specify when you create an alert monitoring rule is used.

    • If you select an action policy other than Dynamic Action Policy, the action policy that you select is used.

    Group Wait

    Specify the interval after which Simple Log Service sends an alert notification if the first alert set is created. We recommend that you set the unit to Seconds.

    Group Interval

    Specify the interval after which Simple Log Service sends an alert notification if the data in an alert set is modified. We recommend that you set the unit to Minutes.

    Repeat Interval

    Specify the interval after which Simple Log Service sends an alert notification if the data in an alert set remains the same. We recommend that you set the unit to Hours.

  4. Click the 结束 icon for the Condition and Merge Alerts nodes to complete the configuration.

Configuration example

The following figure shows a merge policy. If alerts have an env label of prd, the alerts are merged by the projects to which the alerts belong, and the SLS built-in action policy is executed. If alerts have an env label of test, the alerts are merged by the alert monitoring rules that trigger the alerts, and the test action policy is executed.

路由合并策略

Silence Policy

You can configure a silence policy to prevent Simple Log Service from sending notifications for alerts that match specified conditions in a silence period. You can specify conditions to match alerts in the Condition node and specify a silence period in the Silence Period node.

Configuration description

  1. On the Silence Policy tab, click the 条件 icon.

  2. Specify conditions to match alerts.

    条件3

  3. Specify a silence period.

    静默时间

  4. Click the 结束 icon for the Condition and Silence Period nodes to complete the configuration.

Configuration example

The following figure shows a silence policy. If alerts have a severity of Medium and an expired label of true and the alert monitoring rule belongs to a project whose name contains test-project, the alerts are silenced for 1 hour. If alerts do not match the conditions and do not have an owner label, the alerts are permanently silenced.

静默示例

What to do next

  • Delete a node

    Right-click the node that you want to delete and select Delete Node.

    删除节点

  • Add a node

    In this example, add a node to a merge policy.

    Note

    If you have added the End node, you must delete the End node before you can add nodes such as Condition and Merge Alerts.

    • Click the 条件 icon to add a Condition node.

    • Click the 分组合并 icon to add a Merge Alerts node.

    • Click the 结束 icon to add an End node.

    告警策略