When creating alert rules, you can specify labels and annotations. Labels are used to denoise alerts, manage notification routes, and allocate notification channels. Annotations are used to configure alert templates and dispatch alerts.
Labels
Usage scenarios
Deduplicate alerts
Labels are identifying attributes of alerts and are part of alert fingerprints, which help remove duplicate alerts. If two alerts have the same labels, only one alert is retained. For the working principle of alert fingerprints, see Deduplicate alerts based on fingerprints.
// Alert1 { "aliuid": "12345", "project": "Project1", "alert_id": "alert-123", "labels": { "host": "host-1" }, "annotations": { "title": "High CPU utilization", "desc": "Current CPU utilization is 90%" } } // Alert2 { "aliuid": "12345", "project": "Project1", "alert_id": "alert-123", "labels": { "host": "host-1" }, "annotations": { "title": "High CPU utilization", "desc": "Current CPU utilization is 95%" } }
Reference labels in content templates
Labels are of the map type. When you add labels in the alert rule, you can reference the labels in the content of the alert template through
${labels}
.Denoise alerts
In alert policies, you can use labels as merge conditions to denoise alerts. For example, use Alert ID and All Labels to merge alerts, as shown in the following figure. For more information, see Merge by.
Allocate notification channels
The alert management system and notification management system manage alerts and allocate notification channels based on the labels. For example, when configuring the action policy, you can configure different action groups based on labels, as shown in the following figure.
How to add labels
You can add labels when creating alert rules. For example, add labels env and team, as shown in the following figure.
In addition, the fields specified when you set the Group Evaluation parameter are automatically used as labels.
Annotations
Usage scenarios
The alert management system and notification management system manage alerts and allocate notification channels based on annotations. For example, you can configure different group merges based on annotations in the alert policy. In the action policy, you can configure different action groups based on annotations.
How to add annotations
Add annotations when creating alert rules. For example, add the annotations as shown in the following figure.
When configuring annotation content, you can use built-in variables or reference field variables in the group evaluation. When referencing field variables in the group evaluation, the actual value is the corresponding attribute value when the alert is triggered. The built-in variables used are shown in the table below.
Variable | Description |
__count__ | The number of rows in each group after these rows are grouped. If you set the Group Evaluation parameter to No Grouping, all data is in one group. |
__pass_count__ | The number of rows that meet specified conditions in each group after these rows are grouped. If you set the Group Evaluation parameter to No Grouping, all data is in one group. |
__0_count__ | The number of rows that are returned for the first query. |
__1_count__ | The number of rows that are returned for the second query. |
__2_count__ | The number of rows that are returned for the third query. |
aliuid | The ID of an Alibaba Cloud account. |
alert_instance_id | The ID of an alert. |
alert_id | The ID of an alert rule. |
alert_name | The name of an alert rule. |
project | The project to which an alert rule belongs. |
Automatic annotations
Automatic annotations are a supplement to alert annotations. When you create an alert rule, you can turn on the Auto-Add Annotations switch, and the fields are automatically added to the annotation.
If more than one value exists in a field, the first value is added to the annotation.
The __count__ built-in field indicates the number of rows in the result of a set operation.
Grouping
When you create an alert rule, you can set Group Evaluation to Custom Label and turn on the Auto-Add Annotations switch. Then, the non-grouped fields and the __count__ built-in field in the result of the set operation are automatically added to the annotation.
For example, the result of the set operation includes host and pv, and the result is grouped by the host field. If you turn on the Auto-Add Annotations switch, the pv field and the __count__ field are added to the annotation.
No grouping
When you create an alert rule, you can set Group Evaluation to No Grouping and turn on the Auto-Add Annotations switch. Then, all fields and the __count__ built-in field in the result of the set operation are automatically added to the annotation.
For example, the result of the set operation includes host and pv. If you turn on the Auto-Add Annotations switch, the host, pv, and __count__ fields are added to the annotation.