Skip to main content

Alerts

You can set up alerts for Pivot to monitor events in your data. An alert monitors for when one or more measures match configurable conditions. You can choose how you want to be notified when an alert gets triggered, and set the recipients for these notifications.

Pivot uses the alert configuration to query the specified data cube and filter the data. It then evaluates your specified conditions against the query results to determine when to trigger the alert.

Alerts are based on your own datafor example, you can trigger an alert when revenue drops by a specified percentage.

Create an alert

Follow these steps to create an alert:

  1. Click the menu ellipsis on the Data cube page, then click Set up alert: New alert icon on the data cube view

  2. The Create new alert page appears. If you click Set up alert icon from the data cube view, Pivot populates some of the alert's configurable fields with values from the data cube. You can modify all fields before saving the alert:

    FieldDescription
    Alert nameEnter a name for your new alert. This name is also the alert's title in the alerts view. The name also appears in emails and webhook notifications.
    SeverityThe severity you select affects the alert's color and icon in the UI. Supported values are Info, Warning, Error, OK.
    Data cubeSpecify the data cube that has the data you want the alert to monitor.
    Check everyDefines how often Pivot evaluates alert criteria. You can select a predefined length of timefor example, Minute, Hour, Dayor enter a custom value. Pivot uses the ISO 8601 duration format to describe time intervals. For example, you can define a 12-hour period with the string PT12H or a 2-month period with the string P2M.
    You can restrict the options available to most users by setting a Minimum alert frequency in the data cube's properties.
    Time frameControls the amount of data Pivot considers when evaluating the alert criteria based upon a time interval. Setting this field to Day, for instance, results in the alert querying data for the previous day (defined from the moment the alert is evaluated). It's best practice to make Time frame greater than or equal to Check every, so that your alert doesn't skip events. By default, Time frame and Check every are equal.
    You can restrict the options available to most users by setting a Minimum alert timeframe in the data cube's properties.
    Latest data strategy overrideOverrides the latest data strategy setting for the Data cube and determines how Pivot calculates the latest data time for the alert:
    • Inherit from data cube: Default setting.
    • Query the latest timestamp from the data source: Set the latest data time to the latest data timestamp.
    • Use the current time: Set the latest data time to the current time. Use this option to trigger an alert when no new data has been ingested.
    FiltersYou can define one or more filters to delimit the alert data gathered during the alert evaluation. You cannot define a static time filter.
    Look atSelect Overall values to evaluate against a measure, and "Dimension values" to evaluate against a dimension.
    ComparisonSelect None for the alert to trigger based on an absolute condition, such as when a certain measure is greater than a certain value. For a relative condition, such as when a measure changes by a certain value, select a comparison period or set a custom period.
    ConditionsWhen the conditions you specify here are true, your alert is triggered. You can specify one or more conditions. If you specify more than one, you can select whether one or all conditions must be true to trigger the alert.
    MeasureSpecify the measure to which your conditions apply.
    ConditionIf you set the Comparison field to None, you can trigger the alert when the condition is greater than or less than a specified value. If you set a comparison period and enable the Enhanced alert conditions editor feature flag, you can trigger the alert when the condition grows or drops by an absolute value or percentage.

Preview shows how many times the alert would have triggered on your data in the previous time frame. The active alert may trigger more or less often depending on your live data. For minute-level alerts, the frequency may fall below the expected value due to query latency.

Edit an alert

To edit an alert, click the ellipsis icon on the Alerts page, then click Edit.

Alternatively, you can edit an alert by clicking the alert's name. Then click Edit alert.

Configure alert delivery options

If you're running Pivot in default-user mode, and you don't support email or webhooks, the Delivery options view is hidden.

To specify alert recipients and notification methods:

  1. Click Delivery options on the Create new alert page:

    new alert delivery setup

  2. On the new page that appears, complete the following fields:

FieldDescription
RecipientsSelect one or more users and roles to have read access to the alert. These users can view an alert in the Pivot UI and receive alert emails if the Email option is checked.
AdminsSelect one or more users and roles to have admin access to the alert. These users can view and edit the alert, and receive alert emails if the Email option is checked.
OwnerThe alert's owner.
EmailIf checked, Pivot sends alert emails to the alert's Recipients and Admins.
Deliver to external emailsYou can optionally enter a comma-separated list of external email addresses to receive alert emails.
WebhooksWebhooks enable notifications about triggered alerts by a third-party service. Configure a webhook to be notified about triggered alerts by a third-party service. Pivot supports Slack and custom webhooks. See Configure a webhook for more information.

Configure an alert email in on-prem Pivot

You can send an email to an alert's chosen recipients when an alert is triggered. To send an email, you must first configure Pivot to send emails.

You can send both default and custom alert emails.

The default template for an alert email is in the Pivot configuration file.

The default subject line is as follows:

subject: '[{{{severity}}}] {{{title}}} was triggered on {{{triggerDate}}}

The default markup is as follows:

Show the markup
<!doctype html>
<html>
<head>
<meta name="viewport" content="width=device-width">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>{{title}}</title>
<style>
html {
font-family: sans-serif;
}

h2 {
font-weight: initial;
color: #1c1c1c;
}

dt {
float: left;
clear: left;
width: 100px;
color: #969696;
}

dd {
margin: 0 0 0 100px;
padding: 0 0 0.5em 0;
height: 18px;
}

a {
text-decoration: none;
color: white;
background-color: #258bdd;
padding: 11px 16px 9px 16px;
font-size: 13px;
}

table {
border-collapse: collapse;
font-size: 0.8rem;
}

td, th {
border-bottom: 1px solid rgb(232, 232, 232);
padding: 10px 20px;
}

th {
color: #969696
}

td {
text-align: left;
}

tr:nth-child(even) td {
background-color: rgb(250,250,250);
}

tr:nth-child(odd) td {
background-color: rgb(245,245,245);
}

</style>
</head>
<body>
<dl>
<dt>Data cube</dt>
<dd>{{dataCubeTitle}}</dd>

<dt>Time frame</dt>
<dd>{{timeFrame}}</dd>

<dt>Check frequency</dt>
<dd>{{checkFrequency}}</dd>

<dt>Filter</dt>
<dd>{{filter}}</dd>

<dt>Condition</dt>
<dd>{{condition}}</dd>
{{^summaries.1}}
<dt>Event</dt>
<dd>{{summaries.0.event}}</dd>
{{/summaries.1}}
</dl>

{{#summaries.1}}
<table>
<thead>
<td scope="col">{{splitTitle}}</td>
<td scope="col">Event</td>
</thead>
<tbody>
{{#summaries}}
<tr>
<td>{{value}}</td>
<td>{{event}}</td>
</tr>
{{/summaries}}
</tbody>
</table>
{{/summaries.1}}


{{#link}}
<p>
<a href="{{link}}">View</a>
</p>
{{/link}}
</body>
</html>

You can use the following interpolation properties in both the email's subject and body:

PropertyDescription
titleThe alert's title.
linkA link to a Pivot data cube view for the report instance. This requires the linkHostName config setting to be configured.

Configure Imply Hybrid to send alert emails

Before you can send an email alert in Imply Hybrid (formerly Imply Cloud), you must configure Imply Hybrid to send email.

To configure Imply Hybrid to send email using Amazon Simple Email Service (Amazon SES):

  1. Verify your email address. See Verifying email addresses in Amazon SES for more information.
  2. Move out of the Amazon SES sandbox. See Moving out of the Amazon SES sandbox for more information.
  3. Add the ses:SendRawEmail permission to your imply-cloud-instance-poc IAM role for permission to call the Amazon SES API.

Configure a webhook

A user needs the ManageAlertsWebhooks permission to create or modify webhooks for an alert.

For Slack webhooks, the payload is predefined and you only need a webhook URL. For custom webhooks, you can customize the data Pivot sends.

Configure a Slack webhook

You can send alert data to a Slack webhook:

  1. Generate a webhook URL by following steps 1 to 3 of this Slack tutorial.

  2. Paste the URL into a new webhook as shown below:

    alert new webhook

    An example Slack payload is as follows:

    {
    "attachments": [
    {
    "fallback": "Alert was triggered",
    "color": "#038ADC",
    "title": "Alert was triggered",
    "title_link": "/pivot/d/6e7aacc0d0cf2644d8",
    "text": "Hourly alert",
    "ts": 1683557493
    }
    ]
    }

Configure a custom webhook

You can define a webhook as custom and customize its payload. This payload contains a variety of keys that are interpolated as follows:

  • Title: The Alert name specified during alert creation.
  • Summary: A brief summary of the conditions that triggered the alert.
  • Link: A link to the event that triggered the alert, relative to the installation.
  • TriggerDate: The timestamp for when the trigger fired, in seconds.
  • Color: The color related to the alert's type: blue for info, green for success, red for error, yellow for warning.
  • Severity: The alert's type, as defined in its configuration.
  • Footer: The alert's sender, which is either Imply or the user who sent the notification.
  • dimensionName: The dimension by which the data is grouped, if the alerts evaluates a measure that is grouped by a dimension.
  • dimensionValue: The specific value dimension that triggers the alert, if the alerts evaluates a measure that is grouped by a dimension.

An example custom payload is as follows:

{
"attachments": [
{
"fallback": "\"Wikipedia\" alert was triggered",
"color": "#038ADC",
"title": "\"Wikipedia\" was triggered",
"title_link": "/pivot/d/6e7aacc0d0cf2644d8",
"text": "Hourly Wikipedia alert",
"summaryData": [{"summary":"Hourly Wikipedia alert","currentValue":"2","previousValue":"1","rawDelta":"1","percentDelta":"100%","measureTitle":"Number of Events","conditionTriggerValue":1,"type":"percent-delta","condition":"greaterThan","triggered":true}],
"ts": 1683557493,
"footer": "Sent by Imply",
"footer_icon": "https://example.imply.io/favicon/my-icon.png",
"checkFrequency": "Hour",
"timeFrame": "Hour ending at May 8th 2023, 2:51 pm",
}
]
}

Alert error notifications

Pivot can send alert errors by email or webhook if the alert owner has the SeeErrorMessages permission.

Users with the SeeErrorMessages permission can view alert errors in the UI, and recipients of alerts they own can receive alert errors via email and webhook.

See User management in Pivot for more information on errors and user management in Pivot.

Manage alerts

You can click the ellipsis to the right of the alert name on the Alerts page to manage an alert.

Select the corresponding option to edit, duplicate, delete the alert, or toggle its active status.

View alert history

Click Alerts to view the alerts page, and click the name of an alert to view its history page.

The history page shows when the alert was triggered, alert conditions, and the value of the data. You can also analyze the alert data in a data cube.

Unmet evaluations (alpha)

You can view the history of times Pivot evaluated alert criteria but didn't trigger the alert because not all critera were met.

info

Before you can view unmet evaluations, you must enable the Unmet alert occurrences (alpha) feature flag. See Feature flags for more information.

Click Show x unmet alert evaluations on an alert's history page and click More info next to an unmet evaluation.

The following example shows that Example alert triggered at 2.08 AM. The number of events was 282 which met the alert criteria of more than 250 events. The alert was also evaluated at 2.07 AM but the number of events was 214 so the alert wasn't triggered.

Alert history

Learn more

See the following topics for more information: