Monitoring and notifiers

Set up monitors and notifiers to be alerted when queries match certain conditions.

This section introduces threshold monitors and notifiers, and explains how you can use them to generate automated alerts from your event data.

Threshold Monitors

A threshold monitor is a background task that periodically runs a query, and compares the values returned by this query against a user-defined threshold rule. When the monitor results match the threshold rule, the monitor enters an alert state. The user can configure the monitor to notify external parties when the monitor enters and exits the alert state.

monitors page

Threshold monitors can be created using the Simple Query Builder or Advanced Query Language.

monitors page

Threshold monitor options

In addition to the query defining the monitor, the following options are available for controlling monitor behavior:

  • Threshold value is the value to compare the results of the query against. This can be any numeric value.
  • Comparison operator is the rule to apply when comparing the results against the threshold value. The possible values are above, above or equal, below, and below or equal.
  • Frequency is how often the monitor runs. This is a positive integer number of minutes.
  • Range is how far to look back when running the query. This is a positive integer number of minutes. Each run of the monitor applies a time range equal to the range. The end time is the time the monitor runs.
  • Alert on no data triggers the monitor when your query doesn't return any data. Your query returns no data if no events matched your filters and an aggregation used in the query is undefined. For example, you take the average of a field not present in any matching events.
  • You can group by attributes when defining your query. By default, your monitor enters the alert state if any of the values returned for the group-by attributes match the threshold rule, and remains in alert state until none of the values returned match the threshold rule. To trigger the monitor separately for each group that matches the threshold rule, enable Notify by group. At most one trigger notification is sent per monitor run. This option only has an effect if the monitor's query groups by a non-time field.
  • Notifiers define how to alert you when the monitor triggers.

Notifiers

Notifiers define how to alert you when a monitor triggers. Axiom supports a range of different notifiers as documented below.

Email

Create an email notifier to notify a list of email addresses. An email will be sent to each email address on the list whenever an associated monitor enters or exits alert state.

Slack

Create Slack notifiers to notify specific channels in your Slack organization using a webhook.

For more information on creating an incoming webhook in Slack, see the Slack documentation.

PagerDuty

Create a PagerDuty notifier to use all the incident management features of PagerDuty with Axiom. Messages will be sent by Axiom when a monitor enters or exits alert state, and you can configure schedules and alerting rules inside PagerDuty.

To configure a new “Service” in PagerDuty using the Events V2 API, go to Configuration > Services > Add New Service and create a new Service named ‘Axiom’ with all the default settings. Take note of the Integration Key provided and enter this when creating a PagerDuty notifier in Axiom.

You will also need to provide an API Access Key with the right permissions which can be generated at pagerduty.com/api_keys.

Webhook

Create webhook notifiers to connect to internal or external services using your own handlers.

The URL will receive a HTTP(s) POST with a content type of application/json and a payload as shown below:

{
    "action":"close",
    "sender":"monitors"
    "event":{
        "id":"f11f8121-c949-4b59-84ba-40ef868f4d54",
        "name":"Queue backlogging",
        "title":"Current value is above threshold value 2500",
        "body":"Triggered with a value of 2782",
        "value":"2782",
        "timestamp":"2021-02-23T14:43:45.34205696Z",
        "source":"monitors.qKKbK6n4xeokNBF9GC.COUNT",
        "priority":0,
        "snoozedUntil":"0001-01-01T00:00:00Z",
        "state":3
    },
}

Opsgenie

Create an Opsgenie notifier to use all the incident management features of OpsGenie with Axiom. Messages will be sent by Axiom when a monitor enters or exits alert state, and you can configure schedules and alerting rules inside Opsgenie.

For more information on configuring an integration in Opsgenie, see the Opsgenie documentation.

Discord

Create a Discord notifier to notify specific channels in your Discord server. You need to provide Axiom with a Discord token and channel identifier to create a Discord notifier.

  • To get a token, go to discord.com/developers/applications and create a new application.
  • Click Bot > Add Bot > Reset Token to get your Discord token.
  • Go to OAuth2 > URL Generator, check the Bot scope and the Send Messages permission, then copy and open the generated URL to add the bot to your server.
  • To get the channel ID, go to User Settings > Advanced and enable developer mode. Then right-click a channel and click Copy ID.
  • Confirm if the check box of the Discord Bot has the proper allow channel access permissions from your settings.

Discord Webhook

Create a Discord Webhook notifier to notify specific channels in your Discord server using a webhook.

For more information on creating a webhook in Discord, see the Discord documentation.

Microsoft Teams

Create a Microsoft Teams notifier to send a notification to a specific channel in your Microsoft Teams instance using a webhook.

For more information on creating an incoming webhook in Microsoft Teams, see the Microsoft documentation.

Snooze

Both monitors and notifiers can be snoozed by clicking the 'alarm clock' icon when configuring the monitor or notifier. Snoozing a monitor will prevent it from running until the snooze time is elapsed. Snoozing a notifier will prevent it from sending messages until the snooze time has elapsed.

Was this page helpful?