Documentation forSolarWinds Observability


Alerts can be set up and managed for any entity type, and enable you to be notified when some specified attribute of an entity or entities changes in a predefined way.

Create an alert

To create an alert for an entity:

  1. Click Alerts in the left column, then click Alert Settings.

    The Alert Settings window is displayed showing all alerts that are currently active.

  2. Click Create Alert in the upper right corner.

    In the Logs Explorer, click the Create alert for this search query icon to create a new alert.

    The details tab of the create alerts page is displayed.

  3. Enter a name and description for the alert, and select whether you want it shown as Critical, Warning or Info.

    If you do not want the alert to be enabled immediately, disable it using the slider. The alert can be enabled from the Alert Settings page.

  4. Click Next to move to the Conditions tab.
  5. Select either a Metrics condition or a Logs condition.

  6. Select the entity type, scope, and selection criteria. The Scope by drop-down menu enables you to select a specific entity or select multiple entities by entering a string of characters that must be or must not be in the entity name.

    The number and percentage of entities contained in the scope are displayed in the Overview.

  7. To list and review the entities and their health statuses, click Show All Entities in Scope.
  8. Under Define a condition, click the condition box to start defining the first condition for this alert.
    1. Select the metric on which this condition is based from the Metric drop-down menu. All the metrics available for the selected entity type are displayed. When selected, a graph showing the behavior of this metric is displayed for each of the selected entities. The time period for this graph can be selected from the drop-down menu. You can show or hide the metrics for a particular entity by clicking the name in the legend beneath the graph.
    2. (Optional) Click Add tags to include or exclude specific metric tags.
    3. In the Aggregate on drop-down menu, select the aggregation method (such as average, maximum or minimum) to apply to this metric.
    4. From the Trigger when metric is drop-down menu, select the operator (such as equal to, higher than or lower than) to apply to the aggregation, and enter the value for the operator.
    5. Enter the value and time frame to complete the condition that must be met for the alert to be triggered.

    After entering a condition, the icons before each entity will show whether an entity would trigger the alert or not in the selected period. In the example below, only the bz-test-web website would trigger the alert as the maximum response time has been over 250 ms for at least two minutes on one or more occasions in the last hour.

  9. To add another condition, click Add new condition and repeat step 7.
  10. When you finish setting up the conditions for the alert, click Next to move to the Notification tab.
  11. Click Add and select the Notification service you want to be used when this alert is triggered.

    This can be Email, Microsoft Teams, Slack or Webhook.

    For each method, select a name and description, and further settings appropriate to each method.

  12. Add further Notification services if required, then click Next to go to the Summary.
  13. Ensure the conditions and notification settings are correct (click Previous to navigate back to appropriate pages if required), then click Create.

The alert page for this alert is displayed.


Active Alerts

The Active Alerts page shows all active alert instances. Alert instances can be filtered by Severity, Alert Type, Entity, and whether they have been muted. For each alert, severity, alert type, source (name of triggering entity), date and time the alert was triggered, alert definition (name of the alert that was triggered), threshold reason, and mute status is displayed.

  • Click the source name to display the overview page for that entity.
  • Click the alert instance name to display the alert page.

Alert Settings

The Alert Settings page enables you to edit and maintain the alerts you have created. All alerts are listed showing name, severity, description, whether it is active, whether it has been triggered and if so, the date and time it was triggered.

Check the box next to an alert, to display options to Disable, Edit, Duplicate and Delete this alert.

If you check more than one alert, only the Disable and Delete options are displayed.

Click the alert name to show the Alert page.

The Alert page

The Alert page shows detailed information for each alert that has been created. Four tabs are displayed: Overview, All Evaluations, History, and Change History.

This page also provides a drop-down menu with options to mute/unmute, clear, edit, or delete this alert. Clicking mute opens a pop-up window where you can review the number of entities in scope, and specify how long the alert should be muted.


The Overview tab contains the following four widgets.


This widget shows whether this alert has been triggered and if so, how many entities triggered it, and when it was first triggered.

Triggered Entities

This widget shows the number of triggering entities and the date and time the alert was triggered.

Click the triggering entity to display the Overview page for the entity.

Active Time

This widget shows the length of time and the date the alert was triggered.

Entities triggered by

This widget shows the triggering entity and how long the alert has been active.

Alert Details

This widget display the description, severity, scope, conditions and notification details for this alert.

Last 5 changes to this Alert

This shows the last five times that this alert was changed. Changes include creation, reset, muting and unmuting.

All Evaluations

The All Evaluations tab shows all entities within this alert's scope, and whether they have triggered the alert.

Click the triggering entity name to display the Overview page for the entity.