Alerting with Slack

Acquisition notice

In October 2022, ServiceNow acquired Era Software. The documentation on this site is no longer maintained and is intended for existing Era Software users only.

To get the latest information about ServiceNow's observability solutions, visit their website and documentation.

This page shows how to use alerting in EraSearch's UI. By the end of this guide, you'll have an alert rule that sends alert notifications to Slack.

While this guide uses Slack as the notification channel, the UI also supports Webhooks.

Before you begin

The steps below assume you have an EraCloud account and a Slack Webhook URL.

Sample data

This guide creates an alert on sample, real-time data. See steps one and two in Writing data with Vector to use the same data.

Instructions

Step 1: Access alerting

To access alerting, sign in to your EraCloud account and click the bell icon.

Step 2: Configure the notification channel

Follow these steps to create a Slack notification channel:

  1. In the Alerts tab, click Channels > + Add channel.
  2. Configure your notification channel:
    1. For Name, give your notification channel a name, for example, Team alerts channel.
    2. For Type, select Slack.
    3. For Channel, enter the channel associated with your Slack Webhook URL, for example, team-alerts.
    4. For Webhook URL, enter your existing Slack Webhook URL.
  3. Click Test channel to check your configuration and get a sample event in Slack.
  4. Click Save channel.

Step 3: Configure the alert rule

Follow these steps to configure and test your alert rule:

  1. In the Alerts tab, click Rules > + Add rule.
  2. Set the details for your alert rule:

    1. For Name, give a name that'll appear in the alert notification.

      Example: GET 404 errors.

    2. For Desc., add details you want to include in the alert notification.

      Example: Check backend services.

    3. For Query, enter a query using Elasticsearch's query-string syntax.

      Example: status:404 AND method:GET AND size:>3000.

  3. Set the conditions for your alert rule by selecting items in the IF, WITHIN, and NOTIFY drop-downs.

  4. Click Test rule to check your configuration and get a sample alert notification in Slack.
  5. Click Save rule to enable the alert rule.

You've officially configured an alert! Note that you can click the megaphone icon to mute and unmute your alert rule in the UI.
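
An added example, not part of the Era Software documentation: a local dry run of the Step 3 example query against constructed events, to check which events a rule would match before saving it. It handles only AND-joined `field:value` and numeric comparison terms, a small subset of the query-string syntax. The event fields and the helper names `parse_query` and `matches` are assumptions.

```python
import re

# One term: field:value, or field:>N (also >=, <, <=). No spaces inside a term.
TERM = re.compile(r"^(\w+):(>=|<=|>|<)?(\S+)$")
OPS = {
    ">": lambda a, b: a > b,
    ">=": lambda a, b: a >= b,
    "<": lambda a, b: a < b,
    "<=": lambda a, b: a <= b,
}


def parse_query(query):
    """Split an AND-only query into (field, operator, value) terms."""
    terms = []
    for raw in re.split(r"\s+AND\s+", query.strip()):
        m = TERM.match(raw)
        if not m:
            # OR, NOT, phrases, wildcards and grouping are out of scope here.
            raise ValueError(f"unsupported term: {raw!r}")
        terms.append(m.groups())
    return terms


def matches(event, terms):
    """True when the event satisfies every term; a missing field never matches."""
    for field, op, value in terms:
        if field not in event:
            return False
        if op is None:
            # Assumption of this sketch: exact, case-sensitive comparison.
            if str(event[field]) != value:
                return False
        else:
            try:
                if not OPS[op](float(event[field]), float(value)):
                    return False
            except (TypeError, ValueError):
                return False
    return True


# Constructed sample events using the field names from the example query.
SAMPLE_EVENTS = [
    {"method": "GET", "status": 404, "size": 5120},
    {"method": "GET", "status": 404, "size": 812},
    {"method": "POST", "status": 404, "size": 9000},
    {"method": "GET", "status": 200, "size": 4096},
    {"method": "GET", "status": 404},  # no size field
]

RULE = parse_query("status:404 AND method:GET AND size:>3000")
HITS = [e for e in SAMPLE_EVENTS if matches(e, RULE)]
```

Only the first constructed event ends up in `HITS`; the others each fail one term, which is a quick way to confirm a rule is neither too broad nor too narrow before it starts sending notifications.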

Next steps

Visit these pages for more on working with and exploring data in EraSearch:


Last update: August 7, 2023