All Products
Search

This Product

    Simple Log Service:Add labels and annotations

    Document Center

    Simple Log Service:Add labels and annotations

    Last Updated:Aug 08, 2024

    When creating alert rules, you can specify labels and annotations. Labels are used to denoise alerts, manage notification routes, and allocate notification channels. Annotations are used to configure alert templates and dispatch alerts.

    Labels

    Usage scenarios

    1. Deduplicate alerts

      Labels are identifying attributes of alerts and are part of alert fingerprints, which help remove duplicate alerts. If two alerts have the same labels, only one alert is retained. For the working principle of alert fingerprints, see Deduplicate alerts based on fingerprints.

      // Alert1
{
  "aliuid": "12345",
  "project": "Project1",
  "alert_id": "alert-123",
  "labels": {
    "host": "host-1"
  },
  "annotations": {
    "title": "High CPU utilization",
    "desc": "Current CPU utilization is 90%"
  }
}

// Alert2
{
  "aliuid": "12345",
  "project": "Project1",
  "alert_id": "alert-123",
  "labels": {
    "host": "host-1"
  },
  "annotations": {
    "title": "High CPU utilization",
    "desc": "Current CPU utilization is 95%"
  }
}

    2. Reference labels in content templates

      Labels are of the map type. When you add labels in the alert rule, you can reference the labels in the content of the alert template through ${labels}.

      image

    3. Denoise alerts

      In alert policies, you can use labels as merge conditions to denoise alerts. For example, use Alert ID and All Labels to merge alerts, as shown in the following figure. For more information, see Merge by.

      image

    4. Allocate notification channels

      The alert management system and notification management system manage alerts and allocate notification channels based on the labels. For example, when configuring the action policy, you can configure different action groups based on labels, as shown in the following figure.

      image

    How to add labels

    You can add labels when creating alert rules. For example, add labels env and team, as shown in the following figure.

    biaoqian

    In addition, the fields specified when you set the Group Evaluation parameter are automatically used as labels.

    image

    Annotations

    Usage scenarios

    The alert management system and notification management system manage alerts and allocate notification channels based on annotations. For example, you can configure different group merges based on annotations in the alert policy. In the action policy, you can configure different action groups based on annotations.

    image

    How to add annotations

    Add annotations when creating alert rules. For example, add the annotations as shown in the following figure.

    image

    When configuring annotation content, you can use built-in variables or reference field variables in the group evaluation. When referencing field variables in the group evaluation, the actual value is the corresponding attribute value when the alert is triggered. The built-in variables used are shown in the table below.

    Variable

    Description

    __count__

    The number of rows in each group after these rows are grouped. If you set the Group Evaluation parameter to No Grouping, all data is in one group.

    __pass_count__

    The number of rows that meet specified conditions in each group after these rows are grouped. If you set the Group Evaluation parameter to No Grouping, all data is in one group.

    __0_count__

    The number of rows that are returned for the first query.

    __1_count__

    The number of rows that are returned for the second query.

    __2_count__

    The number of rows that are returned for the third query.

    aliuid

    The ID of an Alibaba Cloud account.

    alert_instance_id

    The ID of an alert.

    alert_id

    The ID of an alert rule.

    alert_name

    The name of an alert rule.

    project

    The project to which an alert rule belongs.

    Automatic annotations

    Automatic annotations are a supplement to alert annotations. When you create an alert rule, you can turn on the Auto-Add Annotations switch, and the fields are automatically added to the annotation.

    Note

    • If more than one value exists in a field, the first value is added to the annotation.

    • The __count__ built-in field indicates the number of rows in the result of a set operation.

    • Grouping

      When you create an alert rule, you can set Group Evaluation to Custom Label and turn on the Auto-Add Annotations switch. Then, the non-grouped fields and the __count__ built-in field in the result of the set operation are automatically added to the annotation.

      For example, the result of the set operation includes host and pv, and the result is grouped by the host field. If you turn on the Auto-Add Annotations switch, the pv field and the __count__ field are added to the annotation.

      image

    • No grouping

      When you create an alert rule, you can set Group Evaluation to No Grouping and turn on the Auto-Add Annotations switch. Then, all fields and the __count__ built-in field in the result of the set operation are automatically added to the annotation.

      For example, the result of the set operation includes host and pv. If you turn on the Auto-Add Annotations switch, the host, pv, and __count__ fields are added to the annotation.

      image