Sysdig Documentation

Severity and Status

Event Severity

Event severity is broken down into four categories in the Sysdig Monitor UI, to better visualize issue priority, and allow for easier filtering practices.

Note

Scripts that used the former severity values (0-7) will continue to work as expected, as the new categories are simplified groupings of those values.

The image below outlines the severity value breakdown:

Event Status

There are two primary event states: triggered, and resolved. In addition, there are two additional statuses available to improve filtering practices:

Note

For more information on filtering the Events feed, refer to the Filter Events section.

Event Status	Description
Triggered	The circumstances that triggered the event remain in place (for example, the node remains down).
Resolved	The circumstances that triggered the event are no longer in place (for example, the metric value has returned to within a normal range).
Acknowledged	Manual label to assist in further filtering the events feed. Note The acknowledged label is a purely visual marker, and does not reflect the current state (triggered/resolved) of the event. Custom events cannot be marked as acknowledged.
Unacknowledged	Manual label to assist in further filtering the events feed. Note All events are marked as unacknowledged by default.

Was this helpful?

Would you like to provide feedback? Just click here to suggest edits.

Sysdig Documentation

Severity and Status

Event Severity

Note

Event Status

Note

Note

Note

Search results