Alerts is a centralized experience for detecting important conditions across your Cribl environment and routing them to the right people and systems. It provides out-of-the-box Monitors, an Active Alerts page, and Notification routing, so you can act quickly when thresholds are reached or behavior changes.

Why Use Alerts

​

• Proactive detection: Get notified when health, throughput, or data behavior deviates, instead of finding issues downstream.
• Single place to manage: Review alert activity, adjust Monitors, mute noise, and route Notifications without switching products.
• Faster triage: Each alert links directly to relevant views and context, reducing time from detection to resolution.

How It Works

​

• Monitors: A set of default Monitors is provided with defaults. You can enable/disable, tune thresholds and evaluation intervals, and route Notifications.
• Active Alerts: The Active Alerts page lists Monitors to browse, filter, and investigate alerts. Each entry shows what triggered, when, and current state, with links to dashboards and logs for context.
• Notifications: Route alerts to supported targets, such as email or webhooks. Policies control which notifications are sent, how often, and when to suppress them during maintenance windows. Muting rules suppress notifications temporarily by Monitor or tag.