Use our Alerts API to define, query, and manage Coralogix Alerts.
This tutorial outlines Coralogix’s v3 Alerts gRPC API. It is designed to be simpler and more user-friendly. Using protobuf, it supports clients with autocomplete features, such as Postman’s gRPC.
To authenticate requests, create a customized Team API key with the Alerts role preset assigned to it. Alternatively, selectively add any of the following permissions to your key:
Method | Permission |
ListAlertDefs | alerts:ReadConfig OR logs.alerts:ReadConfig OR metrics.alerts:ReadConfig OR spans.alerts:ReadConfig |
GetAlertDef | alerts:ReadConfig OR logs.alerts:ReadConfig OR metrics.alerts:ReadConfig OR spans.alerts:ReadConfig |
CreateAlertDef | alerts:UpdateConfig OR logs.alerts:UpdateConfig OR metrics.alerts:UpdateConfig OR spans.alerts:UpdateConfig |
ReplaceAlertDef | alerts:UpdateConfig OR logs.alerts:UpdateConfig OR metrics.alerts:UpdateConfig OR spans.alerts:UpdateConfig |
DeleteAlertDef | alerts:UpdateConfig OR logs.alerts:UpdateConfig OR metrics.alerts:UpdateConfig OR spans.alerts:UpdateConfig |
SetActive | alerts:UpdateConfig OR logs.alerts:UpdateConfig OR metrics.alerts:UpdateConfig OR spans.alerts:UpdateConfig |
Find out more about customized API keys here.
Use your customized API key in the Authorization request header to successfully connect.
Example:
grpcurl -H "Authorization: Bearer API_KEY_HERE"
Then, use one of our designated Management endpoints to structure your header.
-d @ ng-api-grpc.coralogix.com:443
For the AlertDefs Service API, the service name is AlertDefsService
.
com.coralogixapis.alerts.v3.AlertDefsService
The complete request header looks like this:
grpcurl -H "Authorization: Bearer API_KEY_HERE" -d @ ng-api-grpc.coralogix.com:443 com.coralogixapis.alerts.v3.AlertDefsService/
Find details on API endpoints here.
grpcurl -H "Authorization: Bearer API_KEY_HERE" -d @ ng-api-grpc.coralogix.com:443 com.coralogixapis.alerts.v3.AlertDefsService/CreateAlertDef <<EOF { "alert_def_properties": { "name": { "value": "logs-immediate" }, "description": { "value": "Example of logs-immediate alert" }, "enabled": { "value": true }, "priority": "ALERT_DEF_PRIORITY_P3", "alert_def_type": "ALERT_DEF_TYPE_LOGS_IMMEDIATE_OR_UNSPECIFIED", "incidents_settings": { "notify_on": "NOTIFY_ON_TRIGGERED_AND_RESOLVED", "use_as_notification_settings": { "value": true }, "minutes": { "value": 1 } }, "notification_group": { "group_by_fields": [], "notifications": [ { "notify_on": "NOTIFY_ON_TRIGGERED_AND_RESOLVED", "recipients": { "emails": [ { "value": "example@coralogix.com" } ] }, "minutes": { "value": 1 } } ] }, "logs_immediate": { "logs_filter": { "lucene_filter": { "label_filters": { "application_name": [ { "operation": "LOG_FILTER_OPERATION_TYPE_ENDS_WITH", "value": { "value": "endsWithThis" } } ], "severities": [ "LOG_SEVERITY_ERROR", "LOG_SEVERITY_CRITICAL" ] }, "lucene_query": { "value": "QueryThisLog" } } } } } } EOF
{ "alert_def": { "alert_def_properties": { "group_by": [], "labels": [], "name": { "value": "logs-immediate" }, "description": { "value": "Example of logs-immediate alert" }, "enabled": { "value": true }, "priority": "ALERT_DEF_PRIORITY_P3", "alert_def_type": "ALERT_DEF_TYPE_LOGS_IMMEDIATE_OR_UNSPECIFIED", "incidents_settings": { "notify_on": "NOTIFY_ON_TRIGGERED_AND_RESOLVED", "use_as_notification_settings": { "value": true }, "minutes": { "value": 1 } }, "notification_group": { "group_by_fields": [], "notifications": [ { "notify_on": "NOTIFY_ON_TRIGGERED_AND_RESOLVED", "recipients": { "emails": [ { "value": "example@coralogix.com" } ] }, "minutes": { "value": 1 } } ] }, "logs_immediate": { "notification_payload_filter": [], "logs_filter": { "lucene_filter": { "lucene_query": { "value": "QueryThisLog" }, "label_filters": { "application_name": [ { "value": { "value": "endsWithThis" }, "operation": "LOG_FILTER_OPERATION_TYPE_ENDS_WITH" } ], "subsystem_name": [], "severities": [ "LOG_SEVERITY_ERROR", "LOG_SEVERITY_CRITICAL" ] } } } } }, "id": { "value": "7341c8e7-e9f8-4129-ba8a-3b4214452266" }, "created_time": { "seconds": "1719248014", "nanos": 0 }, "updated_time": { "seconds": "1719248014", "nanos": 0 } } }
grpcurl -H "Authorization: Bearer API_KEY_HERE" -d @ ng-api-grpc.coralogix.com:443 com.coralogixapis.alerts.v3.AlertDefsService/CreateAlertDef <<EOF { "alert_def_properties": { "name": { "value": "logs-more than" }, "description": { "value": "Example of logs-more than alert" }, "enabled": { "value": true }, "priority": "ALERT_DEF_PRIORITY_P3", "alert_def_type": "ALERT_DEF_TYPE_LOGS_MORE_THAN", "incidents_settings": { "notify_on": "NOTIFY_ON_TRIGGERED_AND_RESOLVED", "use_as_notification_settings": { "value": true }, "minutes": { "value": 1 } }, "notification_group": { "group_by_fields": [], "notifications": [ { "notify_on": "NOTIFY_ON_TRIGGERED_AND_RESOLVED", "recipients": { "emails": [ { "value": "example@coralogix.com" } ] }, "minutes": { "value": 1 } } ] }, "logs_more_than": { "threshold": { "value": 100 }, "time_window": { "logs_time_window_specific_value": "LOGS_TIME_WINDOW_VALUE_HOURS_24" }, "logs_filter": { "lucene_filter": { "label_filters": { "subsystem_name": [ { "operation": "LOG_FILTER_OPERATION_TYPE_INCLUDES", "value": { "value": "includes" } } ] }, "lucene_query": { "value": "QueryThisLog && This Log" } } } } } } EOF
{ "alert_def": { "alert_def_properties": { "group_by": [], "labels": [], "name": { "value": "logs-more than" }, "description": { "value": "Example of logs-more than alert" }, "enabled": { "value": true }, "priority": "ALERT_DEF_PRIORITY_P3", "alert_def_type": "ALERT_DEF_TYPE_LOGS_MORE_THAN", "incidents_settings": { "notify_on": "NOTIFY_ON_TRIGGERED_AND_RESOLVED", "use_as_notification_settings": { "value": true }, "minutes": { "value": 1 } }, "notification_group": { "group_by_fields": [], "notifications": [ { "notify_on": "NOTIFY_ON_TRIGGERED_AND_RESOLVED", "recipients": { "emails": [ { "value": "example@coralogix.com" } ] }, "minutes": { "value": 1 } } ] }, "logs_more_than": { "notification_payload_filter": [], "logs_filter": { "lucene_filter": { "lucene_query": { "value": "QueryThisLog && This Log" }, "label_filters": { "application_name": [], "subsystem_name": [ { "value": { "value": "includes" }, "operation": "LOG_FILTER_OPERATION_TYPE_INCLUDES" } ], "severities": [] } } }, "threshold": { "value": 100 }, "time_window": { "logs_time_window_specific_value": "LOGS_TIME_WINDOW_VALUE_HOURS_24" }, "evaluation_window": "EVALUATION_WINDOW_ROLLING_OR_UNSPECIFIED" } }, "id": { "value": "0d60e 179-c44c-45fa-8476-9ff90cdfe4a3" }, "created_time": { "seconds": "1719248496", "nanos": 0 }, "updated_time": { "seconds": "1719248496", "nanos": 0 } } }
grpcurl -H "Authorization: Bearer API_KEY_HERE" -d @ ng-api-grpc.coralogix.com:443 com.coralogixapis.alerts.v3.AlertDefsService/CreateAlertDef <<EOF { "alert_def_properties": { "name": { "value": "metrics-more than" }, "description": { "value": "Example of metrics-more than alert" }, "enabled": { "value": true }, "alert_def_priority": "ALERT_DEF_PRIORITY_P3", "alert_def_type": "ALERT_DEF_TYPE_METRIC_MORE_THAN", "incidents_settings": { "notify_on": "NOTIFY_ON_TRIGGERED_AND_RESOLVED", "use_as_notification_settings": { "value": true }, "minutes": { "value": 1 } }, "notification_group": { "group_by_fields": [], "notifications": [ { "notify_on": "NOTIFY_ON_TRIGGERED_AND_RESOLVED", "recipients": { "emails": [ { "value": "example@coralogix.com" } ] }, "minutes": { "value": 1 } } ] }, "metric_more_than": { "threshold": { "value": 100 }, "metric_filter": { "promql": { "value": "sum(cpu) by (pod)" } }, "of_the_last": { "metric_time_window_specific_value": "METRIC_TIME_WINDOW_VALUE_HOURS_24" }, "for_over_pct": { "value": 5 } } } } EOF
{ "alert_def": { "alert_def_properties": { "alert_group_bys": [ { "value": "pod" } ], "labels": [], "name": { "value": "metrics-more than" }, "description": { "value": "Example of metrics-more than alert" }, "enabled": { "value": true }, "alert_def_priority": "ALERT_DEF_PRIORITY_P3", "alert_def_type": "ALERT_DEF_TYPE_METRIC_MORE_THAN", "incidents_settings": { "notify_on": "NOTIFY_ON_TRIGGERED_AND_RESOLVED", "use_as_notification_settings": { "value": true }, "minutes": { "value": 1 } }, "notification_group": { "group_by_fields": [], "notifications": [ { "notify_on": "NOTIFY_ON_TRIGGERED_AND_RESOLVED", "recipients": { "emails": [ { "value": "example@coralogix.com" } ] }, "minutes": { "value": 1 } } ] }, "metric_more_than": { "metric_filter": { "promql": { "value": "sum(cpu) by (pod)" } }, "threshold": { "value": 100 }, "for_over_pct": { "value": 5 }, "of_the_last": { "metric_time_window_specific_value": "METRIC_TIME_WINDOW_VALUE_HOURS_24" }, "missing_values": { "replace_with_zero": { "value": true } } } }, "id": { "value": "b8897379-cd65-4033-9318-dc47563faef7" }, "created_time": { "seconds": "1719250165", "nanos": 0 }, "updated_time": { "seconds": "1719250165", "nanos": 0 } } }
Need help?
Our world-class customer success team is available 24/7 to walk you through your setup and answer any questions that may come up.
Contact us via our in-app chat or by emailing support@coralogix.com.