Alert Types

Sysdig Monitor can generate notifications based on certain conditions or events you configure. Using the alert feature, you can keep a tab on your infrastructure and find out about problems as they happen, or even before they happen with the alert conditions you define. In Sysdig Monitor, metrics serve as the central configuration artifact for alerts. A metric ties one or more conditions or events to the measures to take when the condition is met, or an event happens. Alerts work across Sysdig modules including Explore, Dashboard, Events, and Overview.

The types of alerts available in Sysdig Monitor:

  • Downtime: Monitor any type of entity, such as a host, a container, or a process, and alert when the entity goes down.

  • Metric: Monitor time-series metrics, and alert if they violate user-defined thresholds.

  • PromQL: Monitor metrics through a PromQL query.

  • Event: Monitor occurrences of specific events, and alert if the total number of occurrences violates a threshold. Useful for alerting on container, orchestration, and service events like restarts and unauthorized access.

Topics in This Section
Downtime Alert

Sysdig Monitor continuously surveils different types of entities in your infrastructure, such as a host, a container, a process, and sends notifications when the monitored entity is not available or responding. Downtime alert focuses mainly on unscheduled downtime of programs, containers, and hosts in your infrastructure.

PromQL Alerts

Sysdig Monitor enables you to use PromQL to define metric expressions that you can alert on

Metric Alerts

Sysdig Monitor offers an easy way to define metrics-based alerts by leveraging the easiness of the form configuration and the flexibility of PromQL.

Event Alerts

Monitor occurrences of specific events, and alert if the total number of occurrences violates a threshold. Useful for alerting on container, orchestration, and service events like restarts and deployments.

Advanced Metric Alerts

Advanced metric alerts (Multi-condition alerts) are advanced alert threshold created on complex conditions. They are created by defining alert thresholds as custom boolean expressions that can involve multiple conditions.