Alerts glossary

A glossary of common New Relic Alerts terms. For an explanation of how basic Alerts concepts are related, see Alerts concepts and workflow.

For a more general glossary, see the New Relic glossary.

alert condition

An alert condition, identified by its unique numeric condition_id, contains the criteria for Alerts to create a violation, including the threshold that is set for a metric timeslice or a custom metric over time on a chosen target.

For an explanation of how an alert condition relates to other basic Alerts concepts, see Concepts and workflow.

alert policy

A collection of one or more alert conditions, one or more notification channels and an Incident preference setting. If a condition contained within the policy opens a violation, an incident may be opened depending on the Incident preference setting and notifications will then be sent to all channels attached to the policy.

For an explanation of how an alert policy relates to other basic Alerts concepts, see Concepts and workflow.


See alert condition.


The period of time when customers cannot access your site and your app is not reporting to New Relic. For more information, see New Relic Synthetics.


See the entry for entity in the general glossary. You can identify one or more entities to be targets for alert conditions.

In the Alerts API, the entity being monitored is identified with an entity_id.


A specific occurrence that has a time stamp; for example, a deployment, error, condition violation, notification, instrumentation change, settings change, etc. Some New Relic products include a list with recent events and activities in their product index or in the Overview page for the selected entity or component.

In Alerts, opening a violation and closing a violation are two unique events with time stamps. You can view a summary of alerting events across all products from the Events page.

health status

A colored bar (green, yellow, red, or gray) indicating the status of your app, host, or other entity monitored by New Relic. It also indicates whether the entity has any alert conditions assigned with it and whether there are any violations. The color-coded health status indicator appears next to the app, host, or other entity's name in every product index except Insights and Infrastructure.

Service maps use different criteria to report the health of a connection between an app and an external service not monitored by New Relic (for example, a third party API).


An incident is a collection of one or more violations of the conditions defined in an alert policy. An incident record includes all of the open and close time stamps for each violation, as well as chart snapshots of the data being evaluated around the time of each violation.

You can view detailed information from the Incidents pages in the Alerts user interface. You can also select your preference for how we roll up violations into the incident.

For an explanation of how an incident relates to other basic Alerts concepts, see Concepts and workflow.


The message sent when an incident opens, is acknowledged, or closes. The type of notification is defined by the alert policy's notification channel.

For an explanation of how notifications relate to other basic Alerts concepts, see Concepts and workflow.

notification channel

Where we send a notification when an incident opens, is acknowledged, or closes. Available channels include email, mobile push notifications, webhooks, and more.


See the types of monitors available with New Relic Synthetics.


A runbook contains standard procedures and operations typically used by system administrators, network operations staff, and other personnel to handle outages, alert incidents, and other situations. If your organization stores runbook instructions as URLs, you can link this information to alert conditions so your personnel has easy access to this information when an alert incident open.


A target is a resource or component monitored by a New Relic product that has been identified in an alert condition. When the data source for that target crosses the defined Critical threshold, we will open a violation. Depending on your policy's Incident preference setting, Alerts may create an incident record and send notifications through the defined channels. See also entity.


Thresholds refer to the alert condition settings that define what is considered a violation. Threshold values include the value that a data source must pass to trigger a violation and the time-related settings that define a violation (for example, passing a certain value for at least x minutes, or passing that value only once in x minutes). There is a required critical (red) threshold and an optional warning (yellow) threshold. In the UI, the entity's health status indicator will change to yellow or red when a threshold has been crossed and a violation will open.

For more about thresholds, see Define thresholds. For an explanation of how thresholds relate to other basic Alerts concepts, see Concepts and workflow.

traffic light

See health status.


Universal Time Coordinated (UTC), or Coordinated Universal Time, is a standard timestamp for synchronizing time around the world. Alerts defaults to UTC, but you can switch to your time zone (defined from (account) > User preferences). You can also offset UTC when using the New Relic REST API (v2).


A violation occurs when the entity monitored by an alert condition reports a value that crosses the thresholds defined in that condition. For an explanation of how violations relate to other basic Alerts concepts, see Concepts and workflow.

You can view a summary of the violations for a selected incident's page. You can also view the violations for a specific entity from the product's UI.

For more help

Recommendations for learning more: