Alert Rules let you specify conditions on the properties of incoming alerts so that incidents are automatically created, classified, and communicated to the respective teams on time. This ensures that you don’t get flooded with multiple incidents for the same issue.
Creating an Alert Rule
To create an alert rule, follow these steps.
Go to Admin > IT Operations Management > Alert Rules and click on New Alert Rule.
Provide a name and description for your alert rule. The name should be clear enough for you and your team members to understand what the rule is for (something like ‘RDS Replica lag alerts’).
The next step is to set the conditions for the alert rule. Click on an alert parameter from the dropdown and set the condition. For example, you can set a condition to create an incident on receiving an alert with a P1 tag or with a particular metric name such as CPU Utilization.
Please note that you can add multiple conditions to the same alert rule.
After adding the conditions, the next step is to set up actions that will be performed when an alert fulfills the set conditions.
Click on the Action dropdown to choose an action. Let’s take the above example. A P1 alert could indicate a service disruption, so you can create an incident with relevant tags and a private note, and assign it to the relevant L1 team.
After creating the alert rule, you can see it in the Alert Rules section. You can enable or disable an alert rule using the toggle button.