All Products
Search

This Product

    Simple Log Service:Alert configuration quick start

    Document Center

    Simple Log Service:Alert configuration quick start

    Last Updated:Jun 03, 2026

    After you collect logs in a Logstore, you can create alert rules to monitor your data. This topic walks through configuring a log alert that sends notifications to a DingTalk group.

    Overview

    In this example, an alert rule checks the target Logstore for data every 15 minutes. If data is found, the alert triggers and a DingTalk bot sends a notification. The process includes the following steps:

    image

    1. Configure notification recipients: Configure a user named Bob and add Bob to a user group.

    2. Configure an alert rule: The alert rule checks the target Logstore for data every 15 minutes. It triggers an alert if data exists.

    3. Configure a notification policy: Use the Simple Log Service built-in alert template to send an alert notification to a DingTalk group and mention Bob.

    4. View alert trigger records: After an alert is triggered, view the alert dashboard and notification details.

    Procedure

    Note

    Before you configure an alert, make sure that logs are collected in the Logstore as expected.

    Step 1: Configure recipients

    Create a user and user group for alert notifications.

    1. Log on to the Simple Log Service console.

    2. In the Projects section, click your project.

    3. In the left-side navigation pane, click Alerts. On the Alert Center page, configure a user named Bob and then click Confirm.

      Click the Notification Recipient tab, select User Management, and click Create. In the Add User dialog box, enter the Identifier, Name, and Phone Number. Turn on SMS and Voice Call if needed. Enter the Email and verify that Enabled is on.

    4. Add the user Bob to the test group in the Add User Group dialog box, and then click Confirm.

      Click the User Group Management tab and click Create. In the Identifier field, enter test. Select the target member and click > to add the member. Verify that Enabled is on.

    Step 2: Configure an alert rule

    An alert rule monitors log data. In this example, the rule checks the target Logstore every 15 minutes. If data is found, an alert triggers and a DingTalk notification is sent.

    1. On the Alert Center > Alert Monitoring Rule tab, click Create Alert.

    2. In the Create Alert panel, configure the Query Statistics settings, and then click Add.

      Set Rule Name to New Alert Rule, Check Interval to Fixed Interval of 15 minutes, and Group Evaluation to Do Not Group.

    3. In the Query Statistics dialog box, select the target Logstore, click Preview to view the data, and then click Confirm.

      Click the Advanced Configuration tab. Set Type to Logstore and set the query to * | select *.

    4. In the Create Alert panel, set Trigger Condition to Data is returned and Severity to Medium. Click OK.

    Step 3: Configure a notification policy

    Alert template

    Alert templates define the content of alert notifications. In this example, the SLS built-in alert template sends alerts through DingTalk.

    1. On the Alert Center > Notification Policy > Alert Template tab, find the SLS built-in alert template and click Modify in the Actions column.

    2. Configure the Send Content for DingTalk alerts.

      Set Title to SLS Alert. In the Content field, enter these template variables: Alert Rule Name: ${alert_name}, Alert Severity: ${severity}, Annotation String: {{ alert.annotations | to_json }}, Alert Host: {{alert.fire_results[0].__source__}}. Click OK.

    SLS notifications

    Alerts are sent through the channel configured in Destination. In this example, SLS notifications sends alerts through the DingTalk channel.

    1. Prerequisites

      To send alert notifications through DingTalk:

      • Open the DingTalk client, go to a DingTalk group, and click the settings icon in the upper-right corner.

      • Choose Bot > Add Robot.

      • Click Custom (Custom message services via Webhook), and then click Add. Configure the Chatbot name. For Security Settings, select Custom Keywords, enter Alerts, and then click Complete.

      • On the chatbot management page in the group chat, find the created bot and copy the webhook URL.

    2. Configure notification recipients

      In the New Webhook dialog box, paste the copied webhook URL into the Request URL field. Configure the following settings and then click OK.

      In the dialog box, enter the Identifier and Name. Set Type to DingTalk. The Signing Secret is optional and required only when signature verification is enabled.

    3. Configure the notification channel

      On the Alert Monitoring Rule tab, find the target rule and click Edit.

      In the Edit Alert Rule panel, configure the following settings and click OK.

      In the Destination section, select SLS notifications and turn on the Enabled switch. Set Alert Policy to Minimalist Mode. In the Action Group section, add a DingTalk notification channel. Set Select Webhook to sample_test, Notification Method to Specified Members, Recipient Type to Static Recipients, and Recipient to Bob. Set Alert Template to SLS built-in alert template and Send Time to Any.

    Step 4: View alert history

    Alert dashboard

    Navigate to Alert Center > Alert Dashboards > Alert Rule Center to view the number of times the alert was triggered.

    This page shows Alert Rule Statistics, Alert Rule Evaluation Status, Alert Trigger Trend, and Alert Trigger Count. Filter by Project, Alert ID, or Alert Name.

    Notification details

    1. On the Alert Center > Alert Monitoring Rule page, click the target rule.

    2. Check the alert details. If Trigger Alert is true, the alert triggered successfully.

      In the alert history table, verify that Execution Result is Success and Details is Successful.

    References