Adding Alerts

The last thing that anyone wants is to find out about a critical operational issue on Twitter or from an angry email from the boss. That’s why alerting is an important part of Loggly.

With Loggly, you can specify the exact conditions when you want the alert to fire, with all of the capabilities of our search function at your disposal. For example, you might want to be alerted if a specific error occurs. Or, you might want to be alerted if a variable exceeds some threshold. For example, database response times that exceed 100 ms may indicate trouble. We’ll let you know right away, via email or through another alerting endpoint like PagerDuty.

Configuring Alerts

There are three ways to set up alerts in Loggly:

  1. By clicking on the bell icon at the right-hand side of the search interface.
  2. From the Saved Search creation dialog box.
  3. By selecting Add New on the Alerts page.

    Regardless of how you start setting up your alert, you’ll be prompted to fill in the following information:

    Name
    Choose a name for your alert. The name will be returned with any alert that’s triggered.
    Description
    Add a short description so that you remember why you wanted it set up.

    Search
    You can choose a Saved Search to use. If you initiated your alert setup from the Saved Search creation dialog, that Saved Search will display. If you initiated your alert setup using the bell icon, you’ll see “custom search context” and the details of the current search you were performing. Any time range that was part of your saved search will be ignored; only the terms of a saved search are used for alerting.

    Alert if
    Here is where you’ll create the criteria to trigger an alert. Set the threshold number of search results that trigger an alert within a given timeframe. For example, you can set an alert to trigger when the search results show more than 10 results over any 5-minute span (based on timestamp).

    Then
    In this section you establish how you’d like to receive notification. Choose to send an email or hit a 3rd party endpoint. Please see Alert Endpoints for a discussion on setting up your own endpoints. Only registered users can receive email notifications.

    Check for this condition every
    Set how often we run your saved search and scan for the number of results that match your alert criteria. If you choose to check for the condition every minute and the condition exists for 30 minutes, 30 notifications will be sent.
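
The interaction between the "Alert if" threshold and the check frequency can be modelled in a few lines. This is an added example, not Loggly's code: the function names, the evaluation model (count events in the trailing window at each check) and the constructed event timestamps are all assumptions made for illustration.

```python
from datetime import datetime, timedelta

def fired_checks(event_times, threshold, window, check_every, start, end):
    """Return the check times at which the alert condition is met.

    Simplified model (an assumption, not Loggly's implementation): every
    `check_every`, count events whose timestamp lies in the last `window`
    and notify when the count is greater than `threshold`.
    """
    fired = []
    check = start
    while check <= end:
        hits = sum(1 for t in event_times if check - window < t <= check)
        if hits > threshold:
            fired.append(check)
        check += check_every
    return fired

# Constructed sample: 3 matching events per minute for 32 minutes.
START = datetime(2024, 1, 1, 12, 0, 0)
EVENTS = [START + timedelta(minutes=m, seconds=s)
          for m in range(32) for s in (10, 30, 50)]

def notifications(check_minutes):
    """Notifications for 'more than 10 results over 5 minutes'."""
    return fired_checks(EVENTS, threshold=10, window=timedelta(minutes=5),
                        check_every=timedelta(minutes=check_minutes),
                        start=START, end=START + timedelta(hours=1))

if __name__ == "__main__":
    for every in (1, 5):
        print(f"check every {every} min -> {len(notifications(every))} notifications")
```

With this sample the condition holds at 30 consecutive one-minute checks, so checking every minute produces 30 notifications while checking every 5 minutes produces 6 for the same incident.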