Alerts are a fundamental feature of any log management software. They help you keep track of what’s going on, check the outstanding issues immediately, and promptly resolve any problem.
If you’re a system administrator, you want to receive alerts directly from the application in real time and be sure that all the relevant info is right in front of you when you access them. Graylog features a simplified interface that shows all the information you need in a timely manner without compromising the level of detail provided.
How It Works
The Graylog alerts menu helps you keep track of all the events that occurred and know exactly what’s happening at every moment. Outstanding alerts are highlighted by a red “unresolved” marker so you know which ones to prioritize. You can also check past alerts that have already been resolved at any time. Clicking on any of these alerts lets you drill into it and check the timeline of when the event occurred, along with all the information you need to fix the potential issue.
Why was that alert notification fired?
One of the most interesting and unique features of Graylog is that our log management software provides you with an overview of all the messages that came in around the same time as the alert. This way, you can fully understand the context around that alert.
Can I set my custom alert conditions?
You can click on the “Conditions” button to add new conditions that would fire an alert, or edit the current ones to customize them. In the video, you will see an example of how you can look for a DNS query coming from a specific domain.
What kind of notification will I receive when an event occurs?
Lastly, you can decide how you're notified when an event occurs by clicking on the “Notifications” button. You can choose between email alerts, HTTP alerts, or script alerts. You can also customize the format of these alerts and set up different recipients.