vRealize Log Insight Cloud provides built-in system alerts for critical issues. You can also configure alerts based on queries that run at scheduled intervals or on every log ingested. You can view the recent alerts in the system and send email and webhook notifications for alerts.

Note: You must be an administrator to edit alerts.

Types of Alerts that You Can Create

You can control the intervals at which alert queries run, and the conditions when vRealize Log Insight Cloud sends alert notifications, by creating one of the following alert types.

Alerts Based on Number of Events Within a Custom Period of Time
The alert query intervals for these alerts, also known as windowed alerts, depend on your settings. A notification is triggered according to your settings, when more or less than X matching logs occur in the last Y minutes.
If this type of alert is triggered, it is snoozed during its time period to prevent duplicate alerts from being raised for the same set of events.
Alerts on Every Match
You can create real-time alerts that match the alert query for every log that is ingested into vRealize Log Insight Cloud.

Content Pack Alerts

Content packs can contain alerts. The vSphere content pack that is included in vRealize Log Insight Cloud by default contains several predefined alerts. You can enable these alerts in your environment.

All content pack alerts are deactivated by default.