When you create an alert monitoring rule, you can configure alert policies to merge alerts in groups. This topic describes how to merge alerts in groups based on attributes.
Merge alerts
You can merge alerts that have similar attributes into an alert set. When you configure alert policies, you can merge alerts into alert sets by specifying conditions on the Route Consolidation Policy tab.
// Alert1
{
"alert_name": "Alert1",
"project": "Project1",
"labels": {
"env": "test",
"service": "service1"
}
}
// Alert2
{
"alert_name": "Alert2",
"project": "Project1",
"labels": {
"env": "prod",
"service": "service2"
}
}
// Alert3
{
"alert_name": "Alert3",
"project": "Project1",
"labels": {
"env": "test",
"service": "service1"
}
}
// Alert4
{
"alert_name": "Alert4",
"project": "Project1",
"labels": {
"env": "prod",
"service": "service2"
}
}
- Merge alerts if the alerts belong to one project.
The alerts are merged because the alerts belong to
Project1
. - Merge alerts if the alerts belong to one project and the value of the
env
field is the same.- Alert 1 and Alert 3 are grouped into an alert set because the two alerts belong to
Project1
and have the same value of the env field aslabels
. - Alert 2 and Alert 4 are grouped into an alert set because the two alerts belong to
Project1
and have the same value of the env field aslabels
.
- Alert 1 and Alert 3 are grouped into an alert set because the two alerts belong to
- Merge alerts if the
alert_name
is the same value.The four alerts are not merged because the values of the
alert_name
fields are different.
Configure conditions to merge alerts
When you configure alert policies to merge alerts, you can use the default conditions or customize conditions.
- Default conditions
- Alert ID and All Labels
- Alert ID
- Alert Project
- Alert Project and Severity
- Alert Project and All Labels
- Custom conditions
You can customize conditions to merge alerts based on alert attributes and labels.
- Alert attributes that can be used as conditions to merge alerts include Aliuid, monitoring rule ID, alert name, alert severity, alert region, and alert project.
- If you want to merge alerts based on labels, you can customize labels to merge alerts. You can also merge alerts if the alerts have the same labels.
Do not merge alerts
- If you use the preceding method to merge alerts, alerts with different IDs are not merged.
- If you enable the group evaluation feature when you create an alert monitoring rule, the triggered alerts are grouped into different alert sets and are not merged. The alerts are not merged because the alerts have different labels.
When you create an alert monitoring rule, if you do not enable the Advanced Settings feature in the Alert Policy section, the default alert policy sls.builtin.dynamic is used. If you merge alert by Alert ID and All Labels, the triggered alerts are not merged.
- The group evaluation feature of Alert 1 is enabled. The Advanced Settings feature in the Alert Policy section is enabled. The value of the Merge By parameter is Alert ID and All Labels. Three alert notifications are sent.
- The group evaluation feature of Alert 2 is disabled. The Advanced Settings feature in the Alert Policy section is not enabled. The value of the Merge By parameter is Alert ID and All Labels. If the alert is triggered, only one notification is sent.