Logit.io

A Frequency alert matches when there are at least a certain number of events <code>num_events</code> in a given timeframe <code>timeframe</code>.

This would allow you to receive alerts in scenarios such as if there are 100 or more events <code>num_events</code> matching the specified filter <code>query</code> and the events all happen within a 3-hour window <code>timeframe</code> you would receive an alert to your configured channel. Here is an example below:

name: "Frequency alert example" type: frequency index: "*-*" timeframe: hours: 3 num_events: 100 filter: - query: query_string: query: "router.status: [500 TO 599]" realert: minutes: 10 exponential_realert: hours: 8 alert: - "email" email: - "example@logit.io"

In addition, you can also provide a <code>realert</code> to ignore repeating alerts for the defined period of time. You can also provide an <code>exponential_realert</code> value and this will exponentially increase the value <code>realert</code> while alerts continue to fire.

Read Logit.io's <a href="https://help.logit.io/en/articles/3624510-an-introduction-to-alerting">introduction to alerting</a>

Learn <a href="https://help.logit.io/en/articles/3622196-how-do-i-create-a-new-elastalert-rule">how to create an ElastAlert rule</a>

Learn <a href="https://help.logit.io/en/articles/3633552-how-can-i-check-my-elastalert-rule-is-configured-correctly">how to ensure my ElastAlert rule is configured correctly</a>

Learn more about ElastAlert rules: if you'd like to learn more about ElastAlert rules from the people that built it, check out their <a href="https://elastalert.readthedocs.io/en/latest/ruletypes.html" target="_blank" rel="nofollow noopener noreferrer">cheat sheet</a>.

- Read Logit.io's <a href="https://help.logit.io/en/articles/3624510-an-introduction-to-alerting">introduction to alerting</a>
- Learn <a href="https://help.logit.io/en/articles/3622196-how-do-i-create-a-new-elastalert-rule">how to create an ElastAlert rule</a>
- Learn <a href="https://help.logit.io/en/articles/3633552-how-can-i-check-my-elastalert-rule-is-configured-correctly">how to ensure my ElastAlert rule is configured correctly</a>
- Learn more about ElastAlert rules: if you'd like to learn more about ElastAlert rules from the people that built it, check out their <a href="https://elastalert.readthedocs.io/en/latest/ruletypes.html" target="_blank" rel="nofollow noopener noreferrer">cheat sheet</a>.

Create a frequency alert for logs/metrics. When log count exceeds a certain number of events within a time interval, trigger an alert

Additional Options

What's next?