Sample alert for Sysdig Monitor
Snapshot of the entity when an event occurs in Sysdig Monitor.
The sample alert becomes available after you generate the webhook.
{
"alert": {
"id": "1******5",
"name": "Test Event Alert",
"scope": "_sysdig_datasource in (\"agent\") and cpu_core in (\"1\") and agent_id in (\"5******9\")",
"severity": 6,
"severityLabel": "Info",
"editUrl": "https://us2.app.sysdig.com/#/alerts/1*****9",
"subject": "Test Event Alert is Triggered",
"body": "Test Event Alert is Triggered\n\n\nEvent Generated:\n\nSeverity: Info\nCondition:\n count(customEvent) >= 0.0\nScope:\n cpu_core in ('1')\n _sysdig_datasource in ('agent')\n agent_id in ('5******9')\n\nTime: 08/08/2022 10:31 AM UTC\nState: Triggered\nNotification URL: https://us2.app.sysdig.com/#/events/notifications/l:2****0/1******8/events\n\n------\n\nTriggered by Alert:\n\nType: Event Based\nName: Test Event Alert\nTeam: Monitor Operations\nScope:\n cpu_core in ('1')\n _sysdig_datasource in ('agent')\n agent_id in ('5****9')\nWhen: Total number of custom events >= 0.0, Text matches: 'exceed'\nFor at least: 1 m\nAlert URL: https://us2.app.sysdig.com/#/alerts/rules?alertId=1******5\n\n\nSysdig files URL: https://us2.app.sysdig.com/#/captures/notification=1*****8\n"
},
"event": {
"id": "1******8",
"url": "https://us2.app.sysdig.com/#/events/notifications/l:6****0/1*****8/details"
},
"condition": "count(customEvent) >= 0.0",
"source": "Sysdig Cloud",
"state": "ACTIVE",
"timestamp": 1659954660000000,
"timespan": 60000000,
"entities": [
{
"entity": "_sysdig_datasource in (\"agent\") and cpu_core in (\"1\") and agent_id in (\"5*******9\")",
"metricValues": [
{
"metric": "customEvent",
"aggregation": "count",
"groupAggregation": "none",
"value": 0
}
]
}
],
"labels": {
"agent_id": "5******9",
"cpu_core": "1",
"_sysdig_datasource": "agent"
}
}