Introduction

To send Slack notifications from scheduled alerts, you need to configure the Slack webhook URL in the webhook settings. This article explains how to configure the Slack webhook URL in settings and which Slack parameters to configure for sending alert notifications to Slack.


Pre-requisites


Step-by-Step Instruction


To schedule the alert, click the Schedule Alert button, then click Create Alert.



Enter the appropriate values in the fields to generate the alert.



  • Classification identifies the importance of the alert, i.e. Critical / Warning / Information.
  • Alert Name - a name of your choice.
  • Fill in the index name. Skedler-Alerts will list the available indices from Elasticsearch.
  • Optionally, you can select the Index Type for the selected Elasticsearch index.
  • Select the Time Field for the index.



 

 Alert Conditions

  • Keyword Filter - Alerts will search the entire index for the matching keyword. The keyword filter is similar to the Elasticsearch Query String Query pattern.

  • Aggregation Filter

    • Performs aggregation operations such as count, avg, min, max and sum on the selected field.

    • Select the aggregation type, field, condition (greater than, lesser than, equal to, etc.) and the value to apply the condition to.

  • Query Filter

    • Select the field, query condition (Must be, Must not be, Should be), condition (greater than, lesser than, equal to, etc.) and the value to apply the condition to.

    • You can add any number of conditions by clicking the add icon.
  • Group By - Grouping the result in buckets based on nested aggregation.
  • Order - Sorting of events in bucket (Ascending or Descending)
  • Number of Documents - Number of bucket event counts to retrieve. For example, an input of '5' will retrieve only 5 bucket values matching the condition.
  • Time window - Generates an alert for a specific time range. For example, last two hrs or last 5 days.
  • Compare to - Compares the current time window to another time window. For example, comparing the data for the last 5 days to the previous 5 days.
  • Value (times) - Compares 'x' times the data of the current time window to the previous time window.
  • Operation - Compares the data of the current time window to the previous time window using a condition (More than, Less than, More than equal to, Less than equal to).
  • Relative Time Window (Last & to) - Compares the alert for the specific time range to the time window.



Schedule Details

Set up the schedule for the alert by selecting the Frequency type (Seconds, Minutes, Hourly, Daily, Weekly) and the interval. For example, if the frequency type is Seconds and the frequency time is 5, the alert condition is evaluated every 5 seconds. Set Start minutes to the minute at which the alert schedule will start to run. For example, if the minute is set to 00 and the current time is 16:30 hrs, the scheduled alert will start at 17:00 hrs.



    

Alert Action - Slack notification with webhook


To send a Slack notification with a webhook, select the Slack webhook Alias and fill in the appropriate fields.


Skedler-Alerts has default Slack templates, which you can select from the template dropdown (Default Slack1). If you want to configure your own Slack interactive message with the Slack attributes, refer to the link below:


https://api.slack.com/docs/message-attachments


Note - The Slack API requires the attachments parameter in order to send the Slack notification.
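
A payload of the kind the note above describes, posted to a Slack incoming webhook. This is an added example, not part of the original article and not Skedler's own code. The alert field names, the classification-to-color mapping and the SLACK_WEBHOOK_URL environment variable are assumptions; the URL check treats the webhook URL as a credential that must be an HTTPS hooks.slack.com address.

```python
import json
import os
import urllib.request
from urllib.parse import urlparse

# Assumed mapping from the alert Classification to Slack attachment colors.
COLORS = {"Critical": "danger", "Warning": "warning", "Information": "good"}

def check_webhook_url(url):
    """Accept only HTTPS Slack incoming-webhook URLs; the URL is a secret."""
    parts = urlparse(url)
    if parts.scheme != "https" or parts.hostname != "hooks.slack.com":
        raise ValueError("not an HTTPS hooks.slack.com webhook URL")
    return url

def build_payload(alert):
    """Build a webhook body whose content sits in the `attachments` array."""
    summary = f"[{alert['classification']}] {alert['name']}"
    attachment = {
        "fallback": summary,  # plain-text version for clients without rich rendering
        "color": COLORS.get(alert["classification"], "warning"),
        "title": summary,
        "text": alert["condition"],
        "fields": [
            {"title": "Index", "value": alert["index"], "short": True},
            {"title": "Time window", "value": alert["time_window"], "short": True},
        ],
    }
    return {"attachments": [attachment]}

def send(alert, url):
    """POST the payload; Slack answers a successful delivery with HTTP 200."""
    body = json.dumps(build_payload(alert)).encode("utf-8")
    req = urllib.request.Request(check_webhook_url(url), data=body,
                                 headers={"Content-Type": "application/json"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.status

# Constructed sample alert; the values are illustrative only.
SAMPLE = {"classification": "Critical", "name": "Failed logins",
          "index": "auth-logs", "condition": "count > 100",
          "time_window": "last 2 hours"}

if __name__ == "__main__":
    # Keep the webhook URL out of source control, e.g. in an environment variable.
    print(send(SAMPLE, os.environ["SLACK_WEBHOOK_URL"]))
```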


   


    


Once the alert is scheduled, you can view the events that occurred and the alert details in Slack.