Severity and Status

Event Severity

Event severity is broken down into four categories in the Sysdig Monitor UI, to better visualize issue priority, and allow for easier filtering practices.

Note

Scripts that used the former severity values (0-7) will continue to work as expected, as the new categories are simplified groupings of those values.

The image below outlines the severity value breakdown:

Event Status

There are two primary event states: triggered, and resolved. In addition, there are two additional statuses available to improve filtering practices.

Event Status	Description
Triggered	The circumstances that triggered the event remain in place (for example, the node remains down).
Resolved	The circumstances that triggered the event are no longer in place (for example, the metric value has returned to within a normal range).
Acknowledged	Manual label to assist in further filtering the events feed. Note The acknowledged label is a purely visual marker. It does not reflect the current state (triggered/resolved) of the event. Custom events cannot be marked as acknowledged.
Unacknowledged	Manual label to assist in further filtering the events feed. Note All events are marked as unacknowledged by default.
Silenced	List of silenced event alerts. For more information, see Silence Alert Notifications.

For more information on filtering the Events feed, refer to Filtering and Searching Events.

Was this helpful?

Would you like to provide feedback? Just click here to suggest edits.