New Relic Alerts concepts and workflow

New Relic Alerts lets you create customized alerting solutions for monitoring your system. This document contains:

Introduction to important concepts

New Relic Alerts workflow diagram
To use New Relic Alerts well, it will help you to understand the general flow of how the alert conditions and policies you create lead to violations and notifications.

To use New Relic Alerts well, it will help you to understand the terms we use:

Alerts terminology Comments
Policy

An alert policy is a group of one or more alert conditions. You must create a policy before you can add conditions to it.

A policy has two settings that apply to all of its conditions: incident preference and notification channels (explained more below).

Condition

An alert condition includes: a) a monitored data source and b) thresholds that define the behavior that's considered a violation.

For example, a specific alert condition might be described in this way: "If the response time for any page load in my app goes above 8 seconds and lasts for more than 5 minutes, that's a violation."

Threshold

A threshold is part of a condition; it defines the behavior that's considered a violation. When you create a condition, there's a required critical-level threshold. Optionally, you can set a secondary warning-level threshold.

Violation

A violation occurs when the value of a data source crosses an alert condition's threshold. This leads to the creation of a violation event, which is used to pass important information downstream.

A violation doesn't directly generate a notification; a violation may lead to an incident, which in turn can generate notifications.

Incident

Incidents are what generate notifications. At the alert policy level, the incident preference determines how violations are handled and combined to generate incidents.

For example, you may want to have every single violation generate an incident (many notifications) or you may want to have only a single incident open at a time across an entire alert policy (minimal notifications). Setting the incident preference gives you power over how notifications are created and helps prevent alert fatigue.

Notification

At the alert policy level, you choose what team members are notified when an incident occurs and how they're notified. New Relic offers several notification channels, including webhooks, Slack rooms, email, etc. You can include charts about the incident to provide context, and share them with your team's notification.

For in-depth definitions of these and other Alerts terms, see the glossary.

Basic workflow

Now that you understand some basic concepts and terms, let's look at a typical process for creating an alert policy and an associated alert condition:

  1. Create an alert policy. When you create a policy:
    • Give it a meaningful name. For example: the group or team's name, or the set of resources or services the alert policy targets.
    • Set the incident preference, which determines how violations become incidents.
    • Set notification channels.
  2. Create an alert condition that will be attached to that policy. Steps involved in creating a condition include:

    • Choose a data source that will be monitored (for example, an APM metric or a NRQL query).
    • Set the thresholds that define what behavior will produce a violation.
    • Optional: Include a runbook URL, which is used to share standard procedures for how to handle alert notifications.
  3. Optional: Add more conditions to that same policy.

In addition to receiving notifications, you can view the alert incident or event details from the Alerts UI.

What's next?

To learn more about using Alerts:

For more help

Recommendations for learning more: