ilert Documentation
WebsiteAPI ReferenceLoginStart for Free
  • Getting Started
    • Core concepts
    • FAQ
      • Renaming of Incidents to Alerts
    • Import from PagerDuty
    • Import from StatusPage.io
  • Alerting
    • Dashboard
    • Alert sources
    • Notification settings
      • Mute notifications
    • Support hours
    • Maintenance windows
    • Heartbeat monitoring
      • Prometheus Heartbeat Example
      • CLI Heartbeat Examples
    • Deployment events
    • 🏛️Understanding event flows
    • ilert sender IDs, domains and IPs
      • SMS and voice alerts in China
  • On-call management & Escalations
    • Escalation policies
    • On-call schedules
      • My on-call shifts
      • Recurring schedules
      • Static schedules
    • Coverage requests
  • ChatOps
    • Overview
    • Integration for Slack
      • Receive and respond to alerts in Slack
      • Create a dedicated Slack channel for an existing alert
      • Create alerts in Slack
      • Look up who is on-call
    • Microsoft Teams Integration
      • Microsoft Teams Chat Integration
        • Microsoft Teams Integration via Incoming Webhook
        • Microsoft Teams Integration via Workflows
      • Microsoft Teams Meeting Integration
      • Create a channel for an existing alert in Microsoft Teams
      • Create alerts in Microsoft Teams
      • Look up who is on-call in Microsoft Teams
  • Incident comms & status pages
    • Getting started
    • Services
    • Incidents
    • Status pages
      • Public vs private status pages
      • Audience-specific status page
    • Metrics
      • Import metrics from Datadog
      • Import metrics from Prometheus
  • 🪄ilert AI
    • Introduction
    • Using ilert AI for efficient incident communication
    • Using ilert AI for post-mortem creation
    • Using ilert AI for schedule generation
    • Using ilert AI for alert grouping
    • Global Search enhanced by ilert AI
      • Bulk resolving similar alerts
  • Call Routing
    • Getting started with call routing
    • Routing calls using call flows
    • Call routing (legacy)
      • Routing calls based on support hours
      • Voicemail only mode
      • Managing call routing alerts
      • Adding webhooks and outbound chat messages
      • Uploading custom audio responses
  • User Administration
    • User roles and permissions
    • Team-based organisation
    • Single sign on
      • Setting up SSO with GSuite
      • Setting up SSO with Microsoft Azure Active Directory
      • Setting up SSO with Okta
      • Setting up SSO with Auth0
      • Auto provisioning users & teams
    • 🔐Two-factor authentication / MFA
  • Reports
    • Overview
    • Alerts
  • Mobile App
    • Getting started with ilert mobile app
    • Mobile app notification settings
    • Critical push notifications and DND overrides
      • iOS critical alerts configuration
      • Android Push Notification DND Configuration
    • On-call widget
  • INTEGRATIONS
    • Types of integrations
    • Inbound integrations
      • 4me Integration
      • Ansible Automation Platform AWX Integration
      • Amazon CloudWatch Integration
      • Amazon SNS Integration
        • Amazon SNS Inbound Integration
        • Amazon SNS Outbound via AWS Lambda
      • Azure Alerts Integration
        • Azure Activity Logs
        • Azure Metric
        • Azure Logs
        • Azure Service Health
        • Azure Sentinel
        • Budget Alert
      • Apica Integration
      • AppDynamics Integration
      • AppSignal Integration
      • AWS Budgets Integration
      • AWS Cloudtrail Integration
      • AWS DevOps Guru Integration
      • AWS GuardDuty Integration
      • AWS Personal Health Dashboard Integration
      • AWS Security Hub Integration
      • Autotask Inbound Integration
      • Auvik Integration
      • Catchpoint Integration
      • Checkly Integration
      • Checkmk Integration
        • Checkmk Integration (v 1.x)
        • Checkmk Integration (v 2.0+ )
      • Cisco Meraki Integration
      • Cisco ThousandEyes Integration
      • Cisco Webex
      • Cloudflare Integration
      • ClusterControl Integration
      • Connectwise Manage Integration
      • Cortex Integration
      • Cortex XSOAR (formerly Demisto) Integration
      • CrowdStrike Integration
      • Dash0 Integration
      • Datadog Integration
      • Dynatrace Integration
      • Elastic Watcher Integration
      • Email Inbound Integration
        • Email Key Extraction and Resolve Examples
        • Automatically resolve Alerts with Emails
        • Migrating legacy email settings
      • FreshService Integration
      • Gatus Integration
      • GitHub Integration
        • GitHub Advanced Security Integration
        • GitHub Inbound Check Run (Actions) Integration
        • GitHub Inbound Issue Integration
        • GitHub advanced settings
      • GitLab Integration
      • Google Cloud Monitoring (formerly Stackdriver) Integration
      • Google Security Command Center
      • Grafana Integration Overview
        • Grafana Integration
        • Grafana Integration (v 9.x)
      • Graylog Integration
      • HaloITSM Integration
      • HaloPSA Integration
      • HashiCorp Consul
      • Healthchecks.io Integration
      • HetrixTools Integration
      • Honeybadger Integration
      • Honeycomb Integration
      • Hyperping Integration
      • CrowdStrike Falcon LogScale Integration
      • IBM Cloud Functions Integration
      • Icinga Integration
      • InfluxDB Integration
      • Instana Integration
      • IT-Conductor Integration
      • IXON Cloud Integration
      • Jira Inbound Integration
      • JumpCloud Integration
      • Kafka Integration
      • Kapacitor Integration
      • Kentix AlarmManager
      • Keep Integration
      • Kibana Integration
      • Kubernetes Integration
      • LibreNMS Integration
      • Lightstep Integration
      • Loki integration
      • Mezmo Integration
      • Microsoft SCOM
      • Mimir Integration
      • MongoDB Atlas Integration
      • MXToolBox Integration
      • MQTT Integration
      • Nagios Integration
      • N-central Integration
      • Netdata Integration
      • New Relic Integration
        • New Relic Integration (deprecated)
        • New Relic Workflow Integration
      • Oh Dear Integration
      • PandoraFMS Integration
      • Panther Integration
      • Particle Integration
      • Pingdom Integration
      • PostHog Integration
      • Postman Monitors Integration
      • Prometheus Integration
      • PRTG Network Monitor Integration
      • Prisma Cloud Integration
      • Push Notifications
      • RapidSpike Integration
      • Raygun Integration
      • Rollbar Integration
      • Salesforce Integration
      • Samsara Integration
      • Search Guard Integration
      • Sematext Integration
      • Sensu Integration
      • Sentry Integration
      • Server Density Integration
      • ServerGuard24 Integration
      • ServiceNow Inbound Integration
      • SignalFx Integration
      • Site24x7 Integration
      • SMS Integration
      • SolarWinds Integration
      • Splunk Integration
      • StatusCake Integration
      • StatusHub Integration
      • StatusPage Integration
      • Sumo Logic Integration
      • Sysdig Integration
      • TOPdesk Inbound Integration
      • TeamCity integration
      • Terraform Cloud / Terraform Enterprise
      • Tulip Integration
      • Twilio Alarms Integration
      • Twilio Errors Integration
      • Ubidots Integration
      • Uptime Kuma Integration
      • UptimeRobot Integration
      • VictoriaMetrics Integration
      • Zabbix Integration
        • Zabbix 4.4+ Integration
        • Zabbix 2.2 – 4.3 Integration
      • Zammad Inbound Integration
      • Zapier Inbound Integration
      • Zendesk Inbound Integration
    • Outbound integrations
      • Autotask Outbound Integration
      • DingTalk Integration
      • Discord Integration
      • Email Outbound Integration
      • Jira Outbound Integration
      • GitHub Outbound Issue Integration
      • Mattermost Integration
      • ServiceNow Outbound Integration
      • Telegram Integration
      • TOPdesk Outbound Integration
      • Webhook Integration
      • Zammad Outbound Integration
      • Zapier Outbound Integration
      • Zendesk Outbound Integration
      • Zoom Integration
        • Zoom Chat Integration
        • Zoom Meeting Integration
    • Deployment integrations
      • API deployment pipeline
      • Argo CD deployment pipeline
      • Github deployment pipeline
      • GitLab deployment pipeline
  • API
    • API Reference
    • API Version History
      • API user preference migration 2023
      • Discontinuation of Uptime Monitoring
    • Rate Limiting
    • Client Libraries
      • ilert Agent - ilagent
      • Go Client
      • Rust Client
      • Javascript / Node.js Client
    • Terraform
      • Importing ilert UI resources into Terraform state
    • 👩‍💻ICL - ilert condition language
    • ➿ITL - ilert template language
    • API endpoints / samples
      • Creating alerts through events
      • Importing public status page subscribers
    • 🔥Developing ilert Apps
      • Get started with ilert Apps
      • Understanding OAuth2
      • Developing a Backend App with OAuth2
      • Developing a web or native App with OAuth2 and PKCE
      • Token lifetimes, error codes, app verification, etc.
  • Contact us
  • ilert Release Notes
Powered by GitBook
LogoLogo

Product

  • Alerting & Notification
  • On-call Management & Escalations
  • Call Routing
  • Status Pages

Resources

  • Blog
  • Case Studies
  • Security
  • API Reference

Legal

  • Privacy policy
  • Imprint

Increase Your Uptime

  • Start for Free
  • Get a Demo

(c) 2011 - 2025 ilert GmbH

On this page
  • Create an alert source
  • Event Explorer
  • Alert template
  • Custom alert summary and details template
  • Alert links
  • Dynamic escalation policy routing
  • Notification priority and support hours
  • Default notification priority
  • Support hours based notification priority
  • Dynamic priority mapping
  • Event filter
  • Alert grouping
  • Native integration based grouping
  • Time based grouping
  • Grouping until accepted / resolved
  • ilert AI based similarity grouping

Was this helpful?

Edit on GitHub
  1. Alerting

Alert sources

Connect your third party tools to ilert.

PreviousDashboardNextNotification settings

Last updated 1 month ago

Was this helpful?

An alert source represents the connection between your tools (usually a monitoring system, a ticketing tool, or an application) and ilert. We often refer to alert sources as inbound integrations.

ilert provides the following inbound integration options:

Forward emails to an alert source's email address to integrate with ilert.

Write your own integration using our easy-to-use Event API.

SMS integration

Send alerts to ilert via SMS.

A heartbeat alert source will automatically create an alert if it does not receive a heartbeat signal from your app at regular intervals.

Create an alert source

  1. Go to Alert sources -> Alert sources and click Create new alert source.

  2. Select your integration type in the search field and click Next.

  3. Give your alert source a name, optionally assign teams, and click Next.

  4. Select an escalation policy by creating a new one or assigning an existing one.

  5. Select your preference and click Continue setup. You may click Do not group alerts for now and change it later.

  6. The next page shows additional settings, such as custom alert templates or notification priority. Click on Finish setup for now.

Event Explorer

Event Explorer provides a more detailed view of alerts received from the specific alert source. To see alert information in JSON format, choose the alert source you are interested in and navigate to the "Event Explorer" section beneath the source title. Event Explorer facilitates the search for specific events linked to alert sources using keywords or time frames.

Event Explorer is available for a selected list of alert sources, with event history available from March 2022 and alert correlations from December 2023 onwards.

Alert template

With alert templates, you can create your own template for the alert summary and alert details using preset fields from the integration. Moreover, our templating lets you extract links from the alert payload. Extracted links will be added to the links section of an alert.

Custom alert summary and details template

  1. Click on Alert sources -> Alert sources and choose an alert source to edit

  2. Navigate to the section Alert template and check the boxes for Alert summary and/or Alert details

  3. Create your custom template by selecting the fields you want use and entering any static text. The available fields are specific to the integration.

Field colors and accessing raw fields

  • Blue fields are preset fields provided by ilert.

  • Orange fields are extracted from past alerts in your account that were sent from the specific integration

  • Grey fields lets you extract any raw fields from the JSON payload by typing the name of the custom field, e.g. custom_field. You malso access nested fields and arrays, e.g. custom_field.array_field[5].nested_field

Testing your templates before saving

Using the preview button you may try out your current template. By default, ilert will try to find one of the latest event payload's that was received by your alert source. If there is none present, we will render a fallback JSON doc, which you might alter as you like.

Using the template text syntax

Your alert source template fields will start in text mode by default. In text mode you may use the Insert data... dropdown to help you add template variables quickly (see here to understand more about variables and how ilert automatically parses event data to offer additional variables to you) - the text syntax works like this:

Type
Sample
Description

Text

Some text

You may of course add generic text content to your liking

Variable

{{var}}

Extract content of the event and insert it. Note: there is no further sanitizing of the values

Accessing nested variables

{{ var.subfield.evenMore }}

Access sub fields

Accessing fields of an array

{{ var.arrayField[0].more }}

Access array contents

See ITL below to learn more about the templating language and its features for blocks, loops and functions:

Alert links

ilert can extract alert links from the alert payload. Extracted links will be added to the alert's links section.

Alert link template
Alert with extracted link

Dynamic escalation policy routing

With dynamic escalation policy routing, the escalation policy to be used will be determined based on the incoming alert, instead of always using the same escalation policy that is configured on the alert source.

In the above example, the field Group key from the alert payload will be used as the routing key.

Notification priority and support hours

Default notification priority

By using notification priority, you can easily customise your alert notification based on your notification rules.

  1. Click on Alert sources -> Alert sources and choose an alert source to edit

  2. Scroll down to the section Notification priority and set your desired Notification priority

ilert provides different priority settings to customize your alerts.

  • Low (no escalation): You will be notified based on your low-priority notification rules and an alert cannot be escalated.

Support hours based notification priority

  • High during support hours, low priority otherwise: During your support hours, you are notified based on your high priority notification rules. At all other times, you are notified based on your low priority notification rules.

  • Low during support hours, high priority otherwise: During your support hours, you are notified based on your low priority notification rules. At all other times, you are notified based on your high priority notification rules.

If you select High during support hours, low priority otherwise, you can choose to Raise priority of all pending alerts by ticking the checkbox located under the support hour selection. All your pending alerts for the current alert source will be raised to "high" when your support hours begin.

If you select Low during support hours, high priority otherwise, you can choose to Raise priority of all pending alerts by ticking the checkbox located under the support hour selection. All your pending alerts for the current alert source will be raised to "high" when your support hours end.

Dynamic priority mapping

With dynamic priority mapping, you can use alert fields to extract and map notification priority. This will overwrite default priority, if enabled.

To enable dynamic priority mapping

  1. Click on Alert sources -> Alert sources and choose an alert source to edit

  2. Scroll down to the section Notification priority and check Enable dynamic priority mapping

  3. Enter template to to extract the priority field from the alert payload

  4. Add priority mappings. A priority mapping maps an extracted value from the alert payload to the ilert priority

ilert will fallback to the alert source's default priority, if a priority could not be extracted.

Event filter

Sometimes flagging alerts as low priority is not enough and it is necessary to drop events completely. e.g. Grafana DatasourceNoData This is why you can configure one or multiple event filter groups for your alert source to process only desired events into alerts.

You may choose between properties of the known ilert event payload such as priority or summary, some more advanced dynamic fields like trigger counts which allow you to define your own rate limits as well as schedules and support hours to fine tune accept windows - and of course custom payload fields.

If you wish for even more customization you can switch the UI into the code editor mode and get full access to the ICL, find out more about it here:

Alert grouping

Alert grouping helps you reduce noise by clustering related alerts within a defined time window or by allowing only one open alert at a time per source.

There are 5 types of alert grouping available:

  • Native integration based grouping

  • Time-based grouping

  • Grouping until accepted

  • Grouping until resolved

  • ilert AI similarity based grouping

Native integration based grouping

By default every alert source attempts to offer the best experience based on the features that the corresponding third party integration tool has available. Some tools offer more e.g. resolve events or proper alertKeys to group events, some tools offer a plain webhook without any additional context. ilert shows the integration features in the creation wizard:

Integrations such as Autotask, Jira, Grafana or Prometheus provide rich payloads which ilert automatically uses to identify alertKey and eventTypes, which are used to automatically group incoming events, if an unresolved alert with the same identifier is found.

Time based grouping

An alert source with alert grouping enabled will group together alerts triggered within the defined time window and create only one alert. Grouped alerts will show up as events in the alert's timeline. You can select relative time windows e.g. 2 minutes, 5 minutes, etc.

Grouping until accepted / resolved

Besides static relative windows you can also define action-based windows. By doing so alerts will be grouped until all alerts of the same alert source are accepted or resolved, before opening a new alert. (You find these options at the end of the time-based selector)

ilert AI based similarity grouping

Check out the link below to see more about AI based grouping:

These are pre-built integrations by ilert and work-out-of the box with your monitoring tools. If you're missing a tool, feel free to an integration that you'd like to see in ilert.

To extract the escalation policy from the alert payload, add a routing key template in the section Escalation -> Dynamic routing.

High (with escalation): You will be notified based on your and an alert can be escalated based on escalation policy.

ilert also lets you dynamically set the notification priority based on the alert source's . This lets you, for instance, use more obtrusive notification methods like phone calls outside of business hours and use not so obtrusive ones during business hours.

➿ITL - ilert template language
routing key
high-priority notification rules
support hours
👩‍💻ICL - ilert condition language
Using ilert AI for alert grouping
Tool integrations
suggest
Email integration
Event API
Heartbeat monitoring
Alert grouping
Enable alert grouping during alert source creation or in the alert source's advanced settings