All Products
Search
Document Center

Simple Log Service:Add labels and annotations

Last Updated:Aug 08, 2024

When creating alert rules, you can specify labels and annotations. Labels are used to denoise alerts, manage notification routes, and allocate notification channels. Annotations are used to configure alert templates and dispatch alerts.

Labels

Usage scenarios

  1. Deduplicate alerts

    Labels are identifying attributes of alerts and are part of alert fingerprints, which help remove duplicate alerts. If two alerts have the same labels, only one alert is retained. For the working principle of alert fingerprints, see Deduplicate alerts based on fingerprints.

    // Alert1
    {
      "aliuid": "12345",
      "project": "Project1",
      "alert_id": "alert-123",
      "labels": {
        "host": "host-1"
      },
      "annotations": {
        "title": "High CPU utilization",
        "desc": "Current CPU utilization is 90%"
      }
    }
    
    // Alert2
    {
      "aliuid": "12345",
      "project": "Project1",
      "alert_id": "alert-123",
      "labels": {
        "host": "host-1"
      },
      "annotations": {
        "title": "High CPU utilization",
        "desc": "Current CPU utilization is 95%"
      }
    }
  2. Reference labels in content templates

    Labels are of the map type. When you add labels in the alert rule, you can reference the labels in the content of the alert template through ${labels}.

    image

  3. Denoise alerts

    In alert policies, you can use labels as merge conditions to denoise alerts. For example, use Alert ID and All Labels to merge alerts, as shown in the following figure. For more information, see Merge by.

    image

  4. Allocate notification channels

    The alert management system and notification management system manage alerts and allocate notification channels based on the labels. For example, when configuring the action policy, you can configure different action groups based on labels, as shown in the following figure.

    image

How to add labels

You can add labels when creating alert rules. For example, add labels env and team, as shown in the following figure.

biaoqian

In addition, the fields specified when you set the Group Evaluation parameter are automatically used as labels.

image

Annotations

Usage scenarios

The alert management system and notification management system manage alerts and allocate notification channels based on annotations. For example, you can configure different group merges based on annotations in the alert policy. In the action policy, you can configure different action groups based on annotations.

image

How to add annotations

Add annotations when creating alert rules. For example, add the annotations as shown in the following figure.

image

When configuring annotation content, you can use built-in variables or reference field variables in the group evaluation. When referencing field variables in the group evaluation, the actual value is the corresponding attribute value when the alert is triggered. The built-in variables used are shown in the table below.

Variable

Description

__count__

The number of rows in each group after these rows are grouped. If you set the Group Evaluation parameter to No Grouping, all data is in one group.

__pass_count__

The number of rows that meet specified conditions in each group after these rows are grouped. If you set the Group Evaluation parameter to No Grouping, all data is in one group.

__0_count__

The number of rows that are returned for the first query.

__1_count__

The number of rows that are returned for the second query.

__2_count__

The number of rows that are returned for the third query.

aliuid

The ID of an Alibaba Cloud account.

alert_instance_id

The ID of an alert.

alert_id

The ID of an alert rule.

alert_name

The name of an alert rule.

project

The project to which an alert rule belongs.

Automatic annotations

Automatic annotations are a supplement to alert annotations. When you create an alert rule, you can turn on the Auto-Add Annotations switch, and the fields are automatically added to the annotation.

Note
  • If more than one value exists in a field, the first value is added to the annotation.

  • The __count__ built-in field indicates the number of rows in the result of a set operation.

  • Grouping

    When you create an alert rule, you can set Group Evaluation to Custom Label and turn on the Auto-Add Annotations switch. Then, the non-grouped fields and the __count__ built-in field in the result of the set operation are automatically added to the annotation.

    For example, the result of the set operation includes host and pv, and the result is grouped by the host field. If you turn on the Auto-Add Annotations switch, the pv field and the __count__ field are added to the annotation.

    image

  • No grouping

    When you create an alert rule, you can set Group Evaluation to No Grouping and turn on the Auto-Add Annotations switch. Then, all fields and the __count__ built-in field in the result of the set operation are automatically added to the annotation.

    For example, the result of the set operation includes host and pv. If you turn on the Auto-Add Annotations switch, the host, pv, and __count__ fields are added to the annotation.

    image