Alerting

Introduction

Instana is a fully automatic application performance monitoring solution that makes it easy to see the exact, real-time health of your application, hosts, and processes. This is necessary knowledge when it comes to preventing potentially fatal crashes to your infrastructure. With Instana you can know, for example, if your checkout function is on the verge of failing, be aware of excessive CPU steal time, or check the call response time. Instana is built for easy use, deployment, and maintenance, providing a stress free, automatic, real-time evaluation of your application’s status.

Alerting is an important part of any APM product, and with Instana you can configure multiple alerting rules with an unlimited number of integrations to be alerted through. To filter the events on which to be alerted, simply select one or more event types and further filter events by specifying a Dynamic Focus query.

Alerting Configuration

Alerting and Integrations can be configured under “Settings → Team Settings → Alerting”.

alerting configurations dialog

To filter for the specific events to be notified on, enter a Dynamic Focus query by clicking on “Advanced Filter:“. For example, to notify on events affecting the prod zone of the monitored system, specify the query entity.zone:prod. Alternatively you can filter out events affecting entities with tag dev by adding a query NOT entity.tag:dev to the filter. An estimate of the number of events matching the configuration can be found just below.

Each alerting notification contains following metrics:

  • Event type
  • Event status (open, closed)
  • ID and link to Instana
  • Start time
  • Severity
  • Event text and details
  • Host FDQN and tags (when available)
  • Host tags (when available)

Events matching the event type and Dynamic Focus query will be sent to the integrations enabled for the configuration.

Integrations

Integrations can be configured under “Settings → Team Settings → Alerting → Integrations”, and can be used across multiple alerting configurations.

alerting integrations

Email

Specify any number of emails.

WebHook

The following WebHook events are received as an http POST to the configured URL (http or https).

on open issue/incident

{
  "issue": {
    "id": "53650436-8e35-49a3-a610-56b442ae7620",
    "type": "issue",
    "state": "OPEN",
    "start": 1460537793322,
    "severity": 5,
    "text": "Garbage Collection Activity High (11%)",
    "suggestion": "Tune your Garbage Collector, reduce allocation rate through code changes",
    "link": "https://XXXXXXX/#/?snapshotId=rjhkZXdNzegliVVEswMScGNn0YY",
    "zone": "prod",
    "fqdn": "host1.demo.com",
    "entity": "jvm",
    "tags": "production, documents, elasticsearch"
  }
}

on close issue/incident

{
  "issue": {
    "id": "6596e1c9-d6e4-4a8e-85fd-432432eddac3",
    "state": "CLOSED",
    "end": 1460537777478
  }
}

on event online/offline/change

{
  "issue": {
    "id": "53650436-8e35-49a3-a610-56b442ae7620",
    "type": "presence",
    "start": 1460537793322,
    "text": "online",
    "description": "Java virtual machine on Host host1.demo.com",
    "link": "https://XXXXXXX/#/?snapshotId=rjhkZXdNzegliVVEswMScGNn0YY",
    "zone": "prod",
    "fqdn": "host1.demo.com",
    "entity": "jvm",
    "tags": "production, documents, elasticsearch"
  }
}

OpsGenie

Learn more about our OpsGenie integration

PagerDuty

Learn more about our PagerDuty integration

Office 365

Learn more about our Office 365 integration

Slack

Learn more about our Slack integration

Splunk

Learn more about our Splunk integration

Google Chat

Learn more about our Google Chat integration