Alert Rules
Alert rules define the conditions that must be met for an alert to be triggered. You can create rules at the monitor level or as organization-wide defaults.
Default rule
Every monitor has a default rule: alert when 2 consecutive checks fail. You can change this per monitor.
Rule conditions
| Condition | Description | Example |
|---|---|---|
| status_code | HTTP status code check | status_code != 200 |
| response_time | Response time threshold | response_time > 5000 |
| ssl_expiry | Days until SSL cert expires | ssl_expiry < 14 |
| body_contains | Response body check | !body_contains("ok") |
| dns_resolved | DNS resolution success | dns_resolved == false |
| tcp_connected | TCP connection success | tcp_connected == false |
Condition operators
| Operator | Meaning |
|---|---|
| == | Equals |
| != | Not equals |
| > | Greater than |
| >= | Greater than or equal |
| < | Less than |
| <= | Less than or equal |
| contains | String contains |
| startsWith | String starts with |
| matches | Regex match |
Severity levels
| Level | Color | Default notification |
|---|---|---|
| info | 🔵 Blue | Email only |
| warning | 🟡 Yellow | Email + Slack |
| critical | 🔴 Red | All channels + SMS |
Configuring rules
Via the dashboard
- Open a monitor → "Alert Rules"
- Click "+ Add rule"
- Select condition, operator, and value
- Set severity and notification channels
Via YAML / API
```yaml
alert_rules:
  # Critical: service is completely down
  - name: "Service Down"
    condition: status_code != 200
    consecutive_failures: 2
    severity: critical
    notify:
      - channel: slack
        target: "#ops-critical"
      - channel: pagerduty
      - channel: sms
  # Warning: service is slow
  - name: "High Latency"
    condition: response_time > 3000
    consecutive_failures: 3
    severity: warning
    notify:
      - channel: slack
        target: "#ops-alerts"
  # Info: SSL cert expiring
  - name: "SSL Expiry Warning"
    condition: ssl_expiry < 30
    severity: info
    notify:
      - channel: email
        target: [email protected]
# Recover notification
recovery:
  enabled: true
  notify: [slack, email]
```
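To see how `consecutive_failures` and recovery notifications interact, the following added example (not AlertifyPro's own code) replays a series of check results against a rule. It assumes a condition is a single `field operator value` comparison, that a rule without `consecutive_failures` uses the default of 2, and that recovery is reported on the first passing check after an alert; the function names are hypothetical.

```python
import operator
import re

# Comparison operators from the page's operator table; the parsing is an assumption.
OPS = {"==": operator.eq, "!=": operator.ne, ">=": operator.ge,
       "<=": operator.le, ">": operator.gt, "<": operator.lt}
COND_RE = re.compile(r"^\s*(\w+)\s*(==|!=|>=|<=|>|<)\s*(\S+)\s*$")


def parse_condition(text):
    """Split 'response_time > 3000' into (field, comparison function, value)."""
    match = COND_RE.match(text)
    if not match:
        raise ValueError(f"unsupported condition: {text!r}")
    field, op, raw = match.groups()
    value = (raw == "true") if raw in ("true", "false") else int(raw)
    return field, OPS[op], value


def evaluate(rule, checks):
    """Replay check results in order; return [(check index, 'alert' | 'recovery')]."""
    field, compare, value = parse_condition(rule["condition"])
    needed = rule.get("consecutive_failures", 2)  # page default: 2 consecutive failures
    streak, firing, events = 0, False, []
    for index, check in enumerate(checks):
        if compare(check[field], value):  # condition true means this check failed
            streak += 1
            if streak >= needed and not firing:
                firing = True
                events.append((index, "alert"))
        else:
            streak = 0  # any passing check resets the run of failures
            if firing:
                firing = False
                events.append((index, "recovery"))
    return events


# Constructed sample data: one isolated failure, then a sustained outage.
SERVICE_DOWN = {"name": "Service Down", "condition": "status_code != 200",
                "consecutive_failures": 2}
CHECKS = [{"status_code": code} for code in (200, 503, 200, 503, 503, 503, 200)]

if __name__ == "__main__":
    for index, event in evaluate(SERVICE_DOWN, CHECKS):
        print(f"check {index}: {event}")
```

The isolated 503 at index 1 never alerts because the next check passes and resets the streak; raising `consecutive_failures` trades detection delay for fewer pages from flapping endpoints.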
Global default rules
Set organization-wide defaults under Settings → Alert Defaults. These apply to all monitors unless overridden at the monitor level:
```yaml
global_defaults:
  consecutive_failures: 2
  severity: critical
  recovery_notifications: true
  notify:
    - channel: email
      target: [email protected]
```
Alert grouping
When multiple monitors fail at the same time (e.g., during an infrastructure outage), AlertifyPro can group related alerts into a single incident:
```yaml
alert_grouping:
  enabled: true
  group_by: [region, service_tag]
  window: 5m  # Group alerts within a 5-minute window
```
Testing alert rules
Use the "Test alert" button in the dashboard to send a test notification through all configured channels — verifying your Slack webhook, email, and SMS without waiting for an actual failure.