Alerting

Introduction

Alerting is an important part of any APM product, and with Instana you can configure multiple alerting configurations with an unlimited number of alert channels to be notified through. To filter the events on which to be alerted, simply select one or more event or event types of interest. Events can be further filtered by specifying the scope of the alert, such as by specifying a Dynamic Focus query or a given Application Perspective name.

Alerts Configuration

Alerts can be viewed and configured under “Settings → Team Settings → Events & Alerts → Alerts”.

alerts table

Existing alerts can be filtered as well as new alerts can be added in this view. To create a new alert click on New Alert. After providing a name to the new alert in section 1 of the new alert configuration dialog, you can choose one of the following ways to select events for alerting:

  • Alert on Event(s)
  • Alert on Event type(s)

Alert on Event(s)

By choosing to be alerted on events, you can explicitly opt-in for events to be notified about. Already selected events are listed in the Events table in section 2 as shown below:

selected events

To add more events to be alerted on, click the Add Events button. In the pop-up table view you can select one or more of the currently configured events, both built-in and custom configured ones. You can use various filtering options to narrow down your selection by the following filters:

  • Type: built-in or custom
  • Incidents & Severity: Incident, Critical, Warning
  • Entity type: any currently supported technology by Instana
  • Free-text filter

select events

After selecting a subset of N relevant events, you can select and add all filtered events by clicking on Select All(N) and then Add N Events.

Alert on Event Type(s)

Another way to select events to be alerted on is by selecting one or more event types. In this case any event matching one of the selected types will trigger an alert (assuming it matches the scope configured in section 3). Available event types are shown below:

select events by type

Alert Scope

Furthermore, events can be filtered using Dynamic Focus query or by the name of an Application Perspective by choosing a corresponding option in the scope drop-down menu.

Scope

To filter for specific events based on Application Perspectives, select a particular Application by clicking on Application Perspectives. For example, to be notified for events of the application App Test, select the application App Test from the list of currently configured applications.

To filter for specific events based on a Dynamic Focus query, enter a query by clicking on Selected Entities Only (Dynamic Focus Query). For example, to be notified of events affecting the prod zone of the monitored system, specify the query entity.zone:prod.

By selecting All Available Entities all events matching the criteria in section 2 will trigger an alert, regardless of on which entity they are detected. Please be aware that for large systems this option can lead to many alerts being sent out.

An estimate of the number of events matching the configuration can be found just below the drop-down.

Selection of the Alert Channels

Notifications on matching events can be pushed to one or more of the configured alerting channels. These can be viewed and added in section 4 Alert channels. By clicking on Add Alert Channel you will be presented with a pup-up listing of all currently configured alert channels, where one or more of them can be selected.

Finally, click on the Create button to save this new alert.

Alert notification

Each alerting notification contains additional information about the detected event (if applicable):

  • Event type
  • Event status (open, closed)
  • ID and link to Instana
  • Start time
  • Severity
  • Event text and details
  • Host FDQN and tags (when available)
  • Host tags (when available)
  • Custom / Availability zone (when available)

Alert Channels

Alert Channels can be configured under “Settings → Team Settings → Events & Alerts → Alert Channels”. These can be associated across multiple alerting configurations.

alerting integrations

Email

Specify any number of emails.

WebHook

Learn more about our WebHook alert channel.

OpsGenie

Learn more about our OpsGenie alert channel.

PagerDuty

Learn more about our PagerDuty alert channel.

Office 365

Learn more about our Office 365 alert channel.

Slack

Learn more about our Slack alert channel.

Splunk

Learn more about our Splunk alert channel.

Google Chat

Learn more about our Google Chat alert channel.

VictorOps

Learn more about our VictorOps alert channel.

Maintenance Windows

Maintenance Windows allows the muting of events for specific entities within a given time window. These can be configured under “Settings → Team Settings → Events & Alerts → Maintenance Windows”.

alerting maintenance windows

This is useful when there is planned maintenance or load testing in parts of the monitored system. The affected entities to be muted are filtered using a Dynamic Focus Query or on an Application Perspective. All events, issues and incident matching this query or the Application Perspective will then not throw any alert within the given time window.

NOTE:

  • If the query field is left empty, all alerts will be turned off for the duration of this maintenance window.
  • It can take about 4 minutes until new configurations or changes to existing configurations take effect.

Each Maintenance Window has one of the following states:

  • Unscheduled – No time window has been specified yet, but the configuration can be used for later scheduling.
  • Scheduled – The time window is specified and it is scheduled in the future.
  • Active – It is currently active and events matching the Dynamic Focus Query are muted.
  • Finished – Scheduled maintenance window is in the past.

Please note this can also be configured through our REST API