Last Updated: Jun. 26, 2024
Use our Alerts API to define, query, and manage Coralogix Alerts .
Overview
This tutorial outlines Coralogix’s v3 Alerts gRPC API. It is designed to be simpler and more user-friendly. Using protobuf, it supports clients with autocomplete features, such as Postman’s gRPC.
Authentication
To authenticate requests, create a customized Team API key with the Alerts role preset assigned to it. Alternatively, selectively add any of the following permissions to your key:
Method Permission ListAlertDefs alerts:ReadConfig OR logs.alerts:ReadConfig OR metrics.alerts:ReadConfig OR spans.alerts:ReadConfig GetAlertDef alerts:ReadConfig OR logs.alerts:ReadConfig OR metrics.alerts:ReadConfig OR spans.alerts:ReadConfig CreateAlertDef alerts:UpdateConfig OR logs.alerts:UpdateConfig OR metrics.alerts:UpdateConfig OR spans.alerts:UpdateConfig ReplaceAlertDef alerts:UpdateConfig OR logs.alerts:UpdateConfig OR metrics.alerts:UpdateConfig OR spans.alerts:UpdateConfig DeleteAlertDef alerts:UpdateConfig OR logs.alerts:UpdateConfig OR metrics.alerts:UpdateConfig OR spans.alerts:UpdateConfig SetActive alerts:UpdateConfig OR logs.alerts:UpdateConfig OR metrics.alerts:UpdateConfig OR spans.alerts:UpdateConfig
Find out more about customized API keys here .
Use your customized API key in the Authorization request header to successfully connect.
Example:
grpcurl -H "Authorization: Bearer API_KEY_HERE"
Then, use one of our designated Management endpoints to structure your header.
-d @ ng-api-grpc.coralogix.com:443
For the AlertDefs Service API, the service name is AlertDefsService.
com.coralogixapis.alerts.v3.AlertDefsService
The complete request header looks like this:
grpcurl -H "Authorization: Bearer API_KEY_HERE" -d @ ng-api-grpc.coralogix.com:443 com.coralogixapis.alerts.v3.AlertDefsService/
API endpoints
Find details on API endpoints here .
Sample requests
grpcurl -H "Authorization: Bearer API_KEY_HERE" -d @ ng-api-grpc.coralogix.com:443 com.coralogixapis.alerts.v3.AlertDefsService/CreateAlertDef <<EOF
{
"alert_def_properties": {
"name": {
"value": "logs-immediate"
},
"description": {
"value": "Example of logs-immediate alert"
},
"enabled": {
"value": true
},
"priority": "ALERT_DEF_PRIORITY_P3",
"alert_def_type": "ALERT_DEF_TYPE_LOGS_IMMEDIATE_OR_UNSPECIFIED",
"incidents_settings": {
"notify_on": "NOTIFY_ON_TRIGGERED_AND_RESOLVED",
"use_as_notification_settings": {
"value": true
},
"minutes": {
"value": 1
}
},
"notification_group": {
"group_by_fields": [],
"notifications": [
{
"notify_on": "NOTIFY_ON_TRIGGERED_AND_RESOLVED",
"recipients": {
"emails": [
{
"value": "example@coralogix.com"
}
]
},
"minutes": {
"value": 1
}
}
]
},
"logs_immediate": {
"logs_filter": {
"lucene_filter": {
"label_filters": {
"application_name": [
{
"operation": "LOG_FILTER_OPERATION_TYPE_ENDS_WITH",
"value": {
"value": "endsWithThis"
}
}
],
"severities": [
"LOG_SEVERITY_ERROR",
"LOG_SEVERITY_CRITICAL"
]
},
"lucene_query": {
"value": "QueryThisLog"
}
}
}
}
}
}
EOF
Sample response
{
"alert_def": {
"alert_def_properties": {
"group_by": [],
"labels": [],
"name": {
"value": "logs-immediate"
},
"description": {
"value": "Example of logs-immediate alert"
},
"enabled": {
"value": true
},
"priority": "ALERT_DEF_PRIORITY_P3",
"alert_def_type": "ALERT_DEF_TYPE_LOGS_IMMEDIATE_OR_UNSPECIFIED",
"incidents_settings": {
"notify_on": "NOTIFY_ON_TRIGGERED_AND_RESOLVED",
"use_as_notification_settings": {
"value": true
},
"minutes": {
"value": 1
}
},
"notification_group": {
"group_by_fields": [],
"notifications": [
{
"notify_on": "NOTIFY_ON_TRIGGERED_AND_RESOLVED",
"recipients": {
"emails": [
{
"value": "example@coralogix.com"
}
]
},
"minutes": {
"value": 1
}
}
]
},
"logs_immediate": {
"notification_payload_filter": [],
"logs_filter": {
"lucene_filter": {
"lucene_query": {
"value": "QueryThisLog"
},
"label_filters": {
"application_name": [
{
"value": {
"value": "endsWithThis"
},
"operation": "LOG_FILTER_OPERATION_TYPE_ENDS_WITH"
}
],
"subsystem_name": [],
"severities": [
"LOG_SEVERITY_ERROR",
"LOG_SEVERITY_CRITICAL"
]
}
}
}
}
},
"id": {
"value": "7341c8e7-e9f8-4129-ba8a-3b4214452266"
},
"created_time": {
"seconds": "1719248014",
"nanos": 0
},
"updated_time": {
"seconds": "1719248014",
"nanos": 0
}
}
}
Create a more-than-usual, log-based Dynamic Alert
grpcurl -H "Authorization: Bearer API_KEY_HERE" -d @ ng-api-grpc.coralogix.com:443 com.coralogixapis.alerts.v3.AlertDefsService/CreateAlertDef <<EOF
{
"alert_def_properties": {
"name": {
"value": "logs-more than"
},
"description": {
"value": "Example of logs-more than alert"
},
"enabled": {
"value": true
},
"priority": "ALERT_DEF_PRIORITY_P3",
"alert_def_type": "ALERT_DEF_TYPE_LOGS_MORE_THAN",
"incidents_settings": {
"notify_on": "NOTIFY_ON_TRIGGERED_AND_RESOLVED",
"use_as_notification_settings": {
"value": true
},
"minutes": {
"value": 1
}
},
"notification_group": {
"group_by_fields": [],
"notifications": [
{
"notify_on": "NOTIFY_ON_TRIGGERED_AND_RESOLVED",
"recipients": {
"emails": [
{
"value": "example@coralogix.com"
}
]
},
"minutes": {
"value": 1
}
}
]
},
"logs_more_than": {
"threshold": {
"value": 100
},
"time_window": {
"logs_time_window_specific_value": "LOGS_TIME_WINDOW_VALUE_HOURS_24"
},
"logs_filter": {
"lucene_filter": {
"label_filters": {
"subsystem_name": [
{
"operation": "LOG_FILTER_OPERATION_TYPE_INCLUDES",
"value": {
"value": "includes"
}
}
]
},
"lucene_query": {
"value": "QueryThisLog && This Log"
}
}
}
}
}
}
EOF
Sample response
{
"alert_def": {
"alert_def_properties": {
"group_by": [],
"labels": [],
"name": {
"value": "logs-more than"
},
"description": {
"value": "Example of logs-more than alert"
},
"enabled": {
"value": true
},
"priority": "ALERT_DEF_PRIORITY_P3",
"alert_def_type": "ALERT_DEF_TYPE_LOGS_MORE_THAN",
"incidents_settings": {
"notify_on": "NOTIFY_ON_TRIGGERED_AND_RESOLVED",
"use_as_notification_settings": {
"value": true
},
"minutes": {
"value": 1
}
},
"notification_group": {
"group_by_fields": [],
"notifications": [
{
"notify_on": "NOTIFY_ON_TRIGGERED_AND_RESOLVED",
"recipients": {
"emails": [
{
"value": "example@coralogix.com"
}
]
},
"minutes": {
"value": 1
}
}
]
},
"logs_more_than": {
"notification_payload_filter": [],
"logs_filter": {
"lucene_filter": {
"lucene_query": {
"value": "QueryThisLog && This Log"
},
"label_filters": {
"application_name": [],
"subsystem_name": [
{
"value": {
"value": "includes"
},
"operation": "LOG_FILTER_OPERATION_TYPE_INCLUDES"
}
],
"severities": []
}
}
},
"threshold": {
"value": 100
},
"time_window": {
"logs_time_window_specific_value": "LOGS_TIME_WINDOW_VALUE_HOURS_24"
},
"evaluation_window": "EVALUATION_WINDOW_ROLLING_OR_UNSPECIFIED"
}
},
"id": {
"value": "0d60e
179-c44c-45fa-8476-9ff90cdfe4a3"
},
"created_time": {
"seconds": "1719248496",
"nanos": 0
},
"updated_time": {
"seconds": "1719248496",
"nanos": 0
}
}
}
Create a more-than-usual, metric-based Dynamic Alert
grpcurl -H "Authorization: Bearer API_KEY_HERE" -d @ ng-api-grpc.coralogix.com:443 com.coralogixapis.alerts.v3.AlertDefsService/CreateAlertDef <<EOF
{
"alert_def_properties": {
"name": {
"value": "metrics-more than"
},
"description": {
"value": "Example of metrics-more than alert"
},
"enabled": {
"value": true
},
"alert_def_priority": "ALERT_DEF_PRIORITY_P3",
"alert_def_type": "ALERT_DEF_TYPE_METRIC_MORE_THAN",
"incidents_settings": {
"notify_on": "NOTIFY_ON_TRIGGERED_AND_RESOLVED",
"use_as_notification_settings": {
"value": true
},
"minutes": {
"value": 1
}
},
"notification_group": {
"group_by_fields": [],
"notifications": [
{
"notify_on": "NOTIFY_ON_TRIGGERED_AND_RESOLVED",
"recipients": {
"emails": [
{
"value": "example@coralogix.com"
}
]
},
"minutes": {
"value": 1
}
}
]
},
"metric_more_than": {
"threshold": {
"value": 100
},
"metric_filter": {
"promql": {
"value": "sum(cpu) by (pod)"
}
},
"of_the_last": {
"metric_time_window_specific_value": "METRIC_TIME_WINDOW_VALUE_HOURS_24"
},
"for_over_pct": {
"value": 5
}
}
}
}
EOF
Sample response
{
"alert_def": {
"alert_def_properties": {
"alert_group_bys": [
{
"value": "pod"
}
],
"labels": [],
"name": {
"value": "metrics-more than"
},
"description": {
"value": "Example of metrics-more than alert"
},
"enabled": {
"value": true
},
"alert_def_priority": "ALERT_DEF_PRIORITY_P3",
"alert_def_type": "ALERT_DEF_TYPE_METRIC_MORE_THAN",
"incidents_settings": {
"notify_on": "NOTIFY_ON_TRIGGERED_AND_RESOLVED",
"use_as_notification_settings": {
"value": true
},
"minutes": {
"value": 1
}
},
"notification_group": {
"group_by_fields": [],
"notifications": [
{
"notify_on": "NOTIFY_ON_TRIGGERED_AND_RESOLVED",
"recipients": {
"emails": [
{
"value": "example@coralogix.com"
}
]
},
"minutes": {
"value": 1
}
}
]
},
"metric_more_than": {
"metric_filter": {
"promql": {
"value": "sum(cpu) by (pod)"
}
},
"threshold": {
"value": 100
},
"for_over_pct": {
"value": 5
},
"of_the_last": {
"metric_time_window_specific_value": "METRIC_TIME_WINDOW_VALUE_HOURS_24"
},
"missing_values": {
"replace_with_zero": {
"value": true
}
}
}
},
"id": {
"value": "b8897379-cd65-4033-9318-dc47563faef7"
},
"created_time": {
"seconds": "1719250165",
"nanos": 0
},
"updated_time": {
"seconds": "1719250165",
"nanos": 0
}
}
}
Support
Need help?
Our world-class customer success team is available 24/7 to walk you through your setup and answer any questions that may come up.
Contact us via our in-app chat or by emailing support@coralogix.com .
Oh no!We didn’t find anything for “”,