Alerting overview - step by step

Overview

Following tutorial gives you an overview how alerting with prometheus and alertmanager works.

Configuration objects

Prometheus Alerting

• Alert Group: Summary of Alert Rules and Alert Records, which have the same topic and the same check interval.
• Alert Rule: Define alert conditions based on Prometheus Query Language and send the notification to an external service.
• Alert Record: Frequently required or computationally intensive expressions are precalculated and save these values as time series.

Alert Manager

• Alertconfigs Routes: A route block defines a node in a routing tree and its children.
• Alertconfigs Receivers: Defines one or more notification channels.

Alerting process

The names in the brackets correspond to the key names in the API calls

• Prometheus configuration:
  • Alert Groups summarize Alert Rules with the same alert category. In addition, the check interval can be selected individually for this alert group.
  • Prometheus periodically checks all defined Alert Rules to see if their condition is met in the expression (expr).
    The alarm can be provided with a delay (for). An alarm is only triggered if the condition remains fulfilled, for example, for 5 minutes.
    Labels are attached to the alarm in order to categorize it for further alarming. An example of this is “severity=warning”. The severity label defines the severity of the alert.
    The annotation contains an error description (annotations).
  • It is possible to calculate frequently required or computationally intensive expressions using Alert Records and to save them as time series.
    These can be used in the Alert Rules and accelerate the processing of the alerts.
  • Prometheus has therefore defined an alert and sends it to the Alert Manager for further processing.
  • This link leads to detailed documentation: API Alertmanager Groups and Alerts Observability
• Alert manager configuration:
  • The Alert Manager takes care of deduplication, grouping and routing. The configuration is done in the Alertconfigs Routes.
    Similar alerts - in terms of content (groupBy) or time (group_wait) - are summarized by the Alert Manager into one message.
  • Matchers define filters for the labels specified in the Alert Rules. If all labels specified in the matcher match those of the alert, the receiver entered in the routes is selected.
  • The receivers are configured using Alertconfigs Receivers. The receiver name(name) must match the receiver(receiver) of the Alertconfigs Routes.
    At least the fields of a receiver must be filled in for an alarm to work. Alerts by email, OpsGenie and webhook are possible.
  • This link leads to detailed documentation: API Alertmanager Reciever Observability

Links

An API call exists for each configuration object so that the component can be provided. The documentation for this can be found in the following links:

• redoc - https://docs.api.eu01.stackit.cloud/argus/version/v1

The relevant information can be found under the API URLS:

• alert groups /v1/projects/[projectId]/instances/[instanceId]/alertgroups
• alert rules /v1/projects/[projectId]/instances/[instanceId]/alertgroups/[groupName]/alertrules
• alert records /v1/projects/[projectId]/instances/[instanceId]/alertgroups/[groupName]/records
• alertconfigs routes /v1/projects/[projectId]/instances/[instanceId]/alertconfigs/routes
• alertconfigs receivers /v1/projects/[projectId]/instances/[instanceId]/alertconfigs/receivers

API documentation

• API Prerequisites Observability
• How to create new Alert Group and Rule

Get API URL

• Log into the STACKIT portal
• Select project
• Click on Services in the Overview section
• Select service
• Select Dashboard in the section “Service details”
• Click on Service Dashboard
• Select the API menu item in the OBSERVABILITY DASHBOARD section
• With API URL it’s possible to connect to Observability API