time_aggr: avg, sum, max, min, change, or pct_change
time_window: last_#m (with # between 1 and 10080 depending on the monitor type) or last_#h(with # between 1 and 168 depending on the monitor type) or last_1d, or last_1w
space_aggr: avg, sum, min, or max
tags: one or more tags (comma-separated), or *
key: a ‘key’ in key:value tag syntax; defines a separate alert for each tag in the group (multi-alert)
operator: <, <=, >, >=, ==, or !=
#: an integer or decimal number used to set the threshold
To use a dynamic threshold on a metric monitor with a formula query, replace # with the threshold keyword
(for example, ... > threshold) and provide the threshold as a query via critical_query on options.thresholds.
This feature is in preview.
If you are using the _change_ or _pct_change_ time aggregator, instead use change_aggr(time_aggr(time_window), timeshift):space_aggr:metric{tags} [by {key}] operator # with:
time_window last_#m (between 1 and 2880 depending on the monitor type), last_#h (between 1 and 48 depending on the monitor type), or last_#d (1 or 2)
timeshift #m_ago (5, 10, 15, or 30), #h_ago (1, 2, or 4), or 1d_ago
Use this to create an outlier monitor using the following query:
avg(last_30m):outliers(avg:system.cpu.user{role:es-events-data} by {host}, 'dbscan', 7) > 0
check name of the check, for example datadog.agent.up
tags one or more quoted tags (comma-separated), or “*”. for example: .over("env:prod", "role:db"); over cannot be blank.
count must be at greater than or equal to your max threshold (defined in the options). It is limited to 100.
For example, if you’ve specified to notify on 1 critical, 3 ok, and 2 warn statuses, count should be at least 3.
group must be specified for check monitors. Per-check grouping is already explicitly known for some service checks.
For example, Postgres integration monitors are tagged by db, host, and port, and Network monitors by host, instance, and url. See Service Checks documentation for more information.
Example: 12345 && 67890, where 12345 and 67890 are the IDs of non-composite monitors
name [required, default = dynamic, based on query]: The name of the alert.
message [required, default = dynamic, based on query]: A message to include with notifications for this monitor.
Email notifications can be sent to specific users by using the same ‘@username’ notation as events.
tags [optional, default = empty list]: A list of tags to associate with your monitor.
When getting all monitor details via the API, use the monitor_tags argument to filter results by these tags.
It is only available via the API and isn’t visible or editable in the Datadog UI.
The list of monitor assets tied to a monitor, which represents key links for users to take action on monitor alerts (for example, runbooks).
category [required]
enum
Indicates the type of asset this entity represents on a monitor.
Allowed enum values: runbook
name [required]
string
Name for the monitor asset
resource_key
string
Represents the identifier of the internal Datadog resource that this asset represents. IDs in this field should be passed in as strings.
resource_type
enum
Type of internal Datadog resource associated with a monitor asset.
Allowed enum values: notebook
url [required]
string
URL link for the asset. For links with an internal resource type set, this should be the relative path to where the Datadog domain is appended internally. For external links, this should be the full URL path.
created
date-time
Timestamp of the monitor creation.
creator
object
Object describing the creator of the shared element.
email
string
Email of the creator.
handle
string
Handle of the creator.
name
string
Name of the creator.
deleted
date-time
Whether or not the monitor is deleted. (Always null)
draft_status
enum
Indicates whether the monitor is in a draft or published state.
draft: The monitor appears as Draft and does not send notifications.
published: The monitor is active and evaluates conditions and notify as configured.
This field is in preview. The draft value is only available to customers with the feature enabled.
Allowed enum values: draft,published
default: published
id
int64
ID of this monitor.
matching_downtimes
[object]
A list of active v1 downtimes that match this monitor.
end
int64
POSIX timestamp to end the downtime.
id [required]
int64
The downtime ID.
scope
[string]
The scope(s) to which the downtime applies. Must be in key:value format. For example, host:app2.
Provide multiple scopes as a comma-separated list like env:dev,env:prod.
The resulting downtime applies to sources that matches ALL provided scopes (env:devANDenv:prod).
start
int64
POSIX timestamp to start the downtime.
message
string
A message to include with notifications for this monitor.
modified
date-time
Last timestamp when the monitor was edited.
multi
boolean
Whether or not the monitor is broken down on different groups.
name
string
The monitor name.
options
object
List of options associated with your monitor.
aggregation
object
Type of aggregation performed in the monitor query.
group_by
string
Group to break down the monitor on.
metric
string
Metric name used in the monitor.
type
string
Metric type used in the monitor.
device_ids
[string]
DEPRECATED: IDs of the device the Synthetics monitor is running on.
enable_logs_sample
boolean
Whether or not to send a log sample when the log monitor triggers.
enable_samples
boolean
Whether or not to send a list of samples when the monitor triggers. This is only used by CI Test and Pipeline monitors.
escalation_message
string
We recommend using the is_renotify,
block in the original message instead.
A message to include with a re-notification. Supports the @username notification we allow elsewhere.
Not applicable if renotify_interval is None.
evaluation_delay
int64
Time (in seconds) to delay evaluation, as a non-negative integer. For example, if the value is set to 300 (5min),
the timeframe is set to last_5m and the time is 7:00, the monitor evaluates data from 6:50 to 6:55.
This is useful for AWS CloudWatch and other backfilled metrics to ensure the monitor always has data during evaluation.
group_retention_duration
string
The time span after which groups with missing data are dropped from the monitor state.
The minimum value is one hour, and the maximum value is 72 hours.
Example values are: "60m", "1h", and "2d".
This option is only available for APM Trace Analytics, Audit Trail, CI, Error Tracking, Event, Logs, and RUM monitors.
groupby_simple_monitor
boolean
DEPRECATED: Whether the log alert monitor triggers a single alert or multiple alerts when any group breaches a threshold. Use notify_by instead.
include_tags
boolean
A Boolean indicating whether notifications from this monitor automatically inserts its triggering tags into the title.
Examples
If True, [Triggered on {host:h1}] Monitor Title
If False, [Triggered] Monitor Title
default: true
locked
boolean
DEPRECATED: Whether or not the monitor is locked (only editable by creator and admins). Use restricted_roles instead.
min_failure_duration
int64
How long the test should be in failure before alerting (integer, number of seconds, max 7200).
min_location_failed
int64
The minimum number of locations in failure at the same time during
at least one moment in the min_failure_duration period (min_location_failed and min_failure_duration
are part of the advanced alerting rules - integer, >= 1).
default: 1
new_group_delay
int64
Time (in seconds) to skip evaluations for new groups.
For example, this option can be used to skip evaluations for new hosts while they initialize.
Must be a non negative integer.
new_host_delay
int64
DEPRECATED: Time (in seconds) to allow a host to boot and applications
to fully start before starting the evaluation of monitor results.
Should be a non negative integer.
Use new_group_delay instead.
default: 300
no_data_timeframe
int64
The number of minutes before a monitor notifies after data stops reporting.
Datadog recommends at least 2x the monitor timeframe for query alerts or 2 minutes for service checks.
If omitted, 2x the evaluation timeframe is used for query alerts, and 24 hours is used for service checks.
notification_preset_name
enum
Toggles the display of additional content sent in the monitor notification.
Allowed enum values: show_all,hide_query,hide_handles,hide_all,hide_query_and_handles,show_only_snapshot,hide_handles_and_footer
default: show_all
notify_audit
boolean
A Boolean indicating whether tagged users is notified on changes to this monitor.
notify_by
[string]
Controls what granularity a monitor alerts on. Only available for monitors with groupings.
For instance, a monitor grouped by cluster, namespace, and pod can be configured to only notify on each
new cluster violating the alert conditions by setting notify_by to ["cluster"]. Tags mentioned
in notify_by must be a subset of the grouping tags in the query.
For example, a query grouped by cluster and namespace cannot notify on region.
Setting notify_by to ["*"] configures the monitor to notify as a simple-alert.
notify_no_data
boolean
A Boolean indicating whether this monitor notifies when data stops reporting. Defaults to false.
on_missing_data
enum
Controls how groups or monitors are treated if an evaluation does not return any data points.
The default option results in different behavior depending on the monitor query type.
For monitors using Count queries, an empty monitor evaluation is treated as 0 and is compared to the threshold conditions.
For monitors using any query type other than Count, for example Gauge, Measure, or Rate, the monitor shows the last known status.
This option is only available for APM Trace Analytics, Audit Trail, CI, Error Tracking, Event, Logs, and RUM monitors.
Allowed enum values: default,show_no_data,show_and_notify_no_data,resolve
renotify_interval
int64
The number of minutes after the last notification before a monitor re-notifies on the current status.
It only re-notifies if it’s not resolved.
renotify_occurrences
int64
The number of times re-notification messages should be sent on the current status at the provided re-notification interval.
renotify_statuses
[string]
The types of monitor statuses for which re-notification messages are sent.
Default: null if renotify_interval is null.
If renotify_interval is set, defaults to renotify on Alert and No Data.
require_full_window
boolean
A Boolean indicating whether this monitor needs a full window of data before it’s evaluated.
We highly recommend you set this to false for sparse metrics,
otherwise some evaluations are skipped. Default is false. This setting only applies to
metric monitors.
scheduling_options
object
Configuration options for scheduling.
custom_schedule
object
Configuration options for the custom schedule. This feature is in private beta.
recurrences
[object]
Array of custom schedule recurrences.
rrule
string
Defines the recurrence rule (RRULE) for a given schedule.
start
string
Defines the start date and time of the recurring schedule.
timezone
string
Defines the timezone the schedule runs on.
evaluation_window
object
Configuration options for the evaluation window. If hour_starts is set, no other fields may be set. Otherwise, day_starts and month_starts must be set together.
day_starts
string
The time of the day at which a one day cumulative evaluation window starts.
hour_starts
int32
The minute of the hour at which a one hour cumulative evaluation window starts.
month_starts
int32
The day of the month at which a one month cumulative evaluation window starts.
timezone
string
The timezone of the time of the day of the cumulative evaluation window start.
silenced
object
DEPRECATED: Information about the downtime applied to the monitor. Only shows v1 downtimes.
<any-key>
int64
UTC epoch timestamp in seconds when the downtime for the group expires.
synthetics_check_id
string
DEPRECATED: ID of the corresponding Synthetic check.
threshold_windows
object
Alerting time window options.
recovery_window
string
Describes how long an anomalous metric must be normal before the alert recovers.
trigger_window
string
Describes how long a metric must be anomalous before an alert triggers.
thresholds
object
List of the different monitor threshold available.
critical
double
The monitor CRITICAL threshold.
critical_query
string
Query evaluated as a dynamic CRITICAL threshold. Only supported on metric monitors with a formula query and options['variables']. Cannot be combined with static thresholds. This field is in preview.
critical_recovery
double
The monitor CRITICAL recovery threshold.
critical_recovery_query
string
Query evaluated as a dynamic CRITICAL recovery threshold. Only supported on metric monitors with a formula query and options['variables']. Cannot be combined with static thresholds. This field is in preview.
ok
double
The monitor OK threshold.
unknown
double
The monitor UNKNOWN threshold.
warning
double
The monitor WARNING threshold.
warning_recovery
double
The monitor WARNING recovery threshold.
timeout_h
int64
The number of hours of the monitor not reporting data before it automatically resolves from a triggered state. The minimum allowed value is 0 hours. The maximum allowed value is 24 hours.
variables
[ <oneOf>]
List of requests that can be used in the monitor query. This feature is currently in beta.
The name assigned to this aggregation, when multiple aggregations are defined for a query.
source
string
Source reference for composite query payloads.
data_source [required]
enum
Data source for event platform-based queries.
Allowed enum values: rum,ci_pipelines,ci_tests,audit,events,logs,spans,database_queries,network,network_path
An array of index names to query in the stream. Omit or use [] to query all indexes at once.
name [required]
string
Name of the query for use in formulas.
search
object
Search options.
query [required]
string
Events search string.
Option 2
object
A formula and functions cost query.
aggregator
enum
Aggregation methods for metric queries.
Allowed enum values: avg,sum,max,min,last,area,l2norm,percentile,stddev
data_source [required]
enum
Data source for cost queries.
Allowed enum values: metrics,cloud_cost,datadog_usage
name [required]
string
Name of the query for use in formulas.
query [required]
string
The monitor query.
Option 3
object
A formula and functions data quality query.
data_source [required]
enum
Data source for data quality queries.
Allowed enum values: data_quality_metrics
filter [required]
string
Filter expression used to match on data entities. Uses Aastra query syntax.
group_by
[string]
Optional grouping fields for aggregation.
measure [required]
string
The data quality measure to query. Common values include:
bytes, cardinality, custom, freshness, max, mean, min,
nullness, percent_negative, percent_zero, row_count, stddev,
sum, uniqueness. Additional values may be supported.
monitor_options
object
Monitor configuration options for data quality queries.
crontab_override
string
Crontab expression to override the default schedule.
custom_sql
string
Custom SQL query for the monitor.
custom_where
string
Custom WHERE clause for the query.
group_by_columns
[string]
Columns to group results by.
model_type_override
enum
Override for the model type used in anomaly detection.
Allowed enum values: freshness,percentage,any
name [required]
string
Name of the query for use in formulas.
schema_version
string
Schema version for the data quality query.
scope
string
Optional scoping expression to further filter metrics. Uses metrics filter syntax.
This is useful when an entity has been configured to emit metrics with additional tags.
Option 4
object
A formula and functions data jobs query.
job_type [required]
string
The type of job being monitored. Valid values include:
databricks.job, spark.application, airflow.dag,
dbt.job, dbt.model, dbt.test, glue.job.
Custom job types are supported with the custom.ol. prefix.
jobs_query [required]
string
Filter expression used to select the jobs to monitor.
name [required]
string
Name of the query for use in formulas. Must be run_query.
query_dialect [required]
string
Query dialect for data jobs queries. Currently only metric is supported.
Option 5
object
A formula and functions aggregate augmented query. Used to enrich base query results with data from a reference table.
augment_query [required]
<oneOf>
Augment query for aggregate augmented queries. Can be an events query or a reference table query.
The name assigned to this aggregation, when multiple aggregations are defined for a query.
source
string
Source reference for composite query payloads.
data_source [required]
enum
Data source for event platform-based queries.
Allowed enum values: rum,ci_pipelines,ci_tests,audit,events,logs,spans,database_queries,network,network_path
The name assigned to this aggregation, when multiple aggregations are defined for a query.
source
string
Source reference for composite query payloads.
data_source [required]
enum
Data source for event platform-based queries.
Allowed enum values: rum,ci_pipelines,ci_tests,audit,events,logs,spans,database_queries,network,network_path
The name assigned to this aggregation, when multiple aggregations are defined for a query.
source
string
Source reference for composite query payloads.
data_source [required]
enum
Data source for event platform-based queries.
Allowed enum values: rum,ci_pipelines,ci_tests,audit,events,logs,spans,database_queries,network,network_path
The name assigned to this aggregation, when multiple aggregations are defined for a query.
source
string
Source reference for composite query payloads.
data_source [required]
enum
Data source for event platform-based queries.
Allowed enum values: rum,ci_pipelines,ci_tests,audit,events,logs,spans,database_queries,network,network_path
The different states your monitor can be in.
Allowed enum values: Alert,Ignored,No Data,OK,Skipped,Unknown,Warn
priority
int64
Integer from 1 (high) to 5 (low) indicating alert severity.
query [required]
string
The monitor query.
restricted_roles
[string]
A list of unique role identifiers to define which roles are allowed to edit the monitor. The unique identifiers for all roles can be pulled from the Roles API and are located in the data.id field. Editing a monitor includes any updates to the monitor configuration, monitor deletion, and muting of the monitor for any amount of time. You can use the Restriction Policies API to manage write authorization for individual monitors by teams and users, in addition to roles.
state
object
Wrapper object with the different monitor states.
groups
object
Dictionary where the keys are groups (comma separated lists of tags) and the values are
the list of groups your monitor is broken down on.
<any-key>
object
Monitor state for a single group.
last_nodata_ts
int64
Latest timestamp the monitor was in NO_DATA state.
last_notified_ts
int64
Latest timestamp of the notification sent for this monitor group.
last_resolved_ts
int64
Latest timestamp the monitor group was resolved.
last_triggered_ts
int64
Latest timestamp the monitor group triggered.
name
string
The name of the monitor.
status
enum
The different states your monitor can be in.
Allowed enum values: Alert,Ignored,No Data,OK,Skipped,Unknown,Warn
tags
[string]
Tags associated to your monitor.
type [required]
enum
The type of the monitor. For more information about type, see the monitor options docs.
Allowed enum values: composite,event alert,log alert,metric alert,process alert,query alert,rum alert,service check,synthetics alert,trace-analytics alertShow 12 more,slo alert,event-v2 alert,audit alert,ci-pipelines alert,ci-tests alert,error-tracking alert,database-monitoring alert,network-performance alert,cost alert,data-quality alert,network-path alert,data-jobs alert
{"name":"Example Monitor","type":"cost alert","query":"formula(\"exclude_null(query1)\").last(\"7d\").anomaly(direction=\"above\", threshold=10) >= 5","message":"some message Notify: @hipchat-channel","tags":["test:examplemonitor","env:ci"],"priority":3,"options":{"thresholds":{"critical":5,"warning":3},"variables":[{"data_source":"cloud_cost","query":"sum:aws.cost.net.amortized.shared.resources.allocated{aws_product IN (amplify ,athena, backup, bedrock ) } by {aws_product}.rollup(sum, 86400)","name":"query1","aggregator":"sum"}],"include_tags":true}}
{"name":"Example-Monitor","type":"data-jobs alert","query":"formula(\"failed_runs(run_query)\").by(job_name,workspace_name).last(10d) > 0","message":"Data jobs alert triggered","tags":["test:examplemonitor","env:ci"],"options":{"thresholds":{"critical":0},"variables":[{"name":"run_query","jobs_query":"job_name:*","job_type":"databricks.job","query_dialect":"metric"}]}}
{"name":"Example-Monitor","type":"data-quality alert","query":"formula(\"query1\").last(\"5m\") > 100","message":"Data quality alert triggered","tags":["test:examplemonitor","env:ci"],"priority":3,"options":{"thresholds":{"critical":100},"variables":[{"name":"query1","data_source":"data_quality_metrics","measure":"row_count","filter":"search for column where `database:production AND table:users`","group_by":["entity_id"]}]}}
The list of monitor assets tied to a monitor, which represents key links for users to take action on monitor alerts (for example, runbooks).
category [required]
enum
Indicates the type of asset this entity represents on a monitor.
Allowed enum values: runbook
name [required]
string
Name for the monitor asset
resource_key
string
Represents the identifier of the internal Datadog resource that this asset represents. IDs in this field should be passed in as strings.
resource_type
enum
Type of internal Datadog resource associated with a monitor asset.
Allowed enum values: notebook
url [required]
string
URL link for the asset. For links with an internal resource type set, this should be the relative path to where the Datadog domain is appended internally. For external links, this should be the full URL path.
created
date-time
Timestamp of the monitor creation.
creator
object
Object describing the creator of the shared element.
email
string
Email of the creator.
handle
string
Handle of the creator.
name
string
Name of the creator.
deleted
date-time
Whether or not the monitor is deleted. (Always null)
draft_status
enum
Indicates whether the monitor is in a draft or published state.
draft: The monitor appears as Draft and does not send notifications.
published: The monitor is active and evaluates conditions and notify as configured.
This field is in preview. The draft value is only available to customers with the feature enabled.
Allowed enum values: draft,published
default: published
id
int64
ID of this monitor.
matching_downtimes
[object]
A list of active v1 downtimes that match this monitor.
end
int64
POSIX timestamp to end the downtime.
id [required]
int64
The downtime ID.
scope
[string]
The scope(s) to which the downtime applies. Must be in key:value format. For example, host:app2.
Provide multiple scopes as a comma-separated list like env:dev,env:prod.
The resulting downtime applies to sources that matches ALL provided scopes (env:devANDenv:prod).
start
int64
POSIX timestamp to start the downtime.
message
string
A message to include with notifications for this monitor.
modified
date-time
Last timestamp when the monitor was edited.
multi
boolean
Whether or not the monitor is broken down on different groups.
name
string
The monitor name.
options
object
List of options associated with your monitor.
aggregation
object
Type of aggregation performed in the monitor query.
group_by
string
Group to break down the monitor on.
metric
string
Metric name used in the monitor.
type
string
Metric type used in the monitor.
device_ids
[string]
DEPRECATED: IDs of the device the Synthetics monitor is running on.
enable_logs_sample
boolean
Whether or not to send a log sample when the log monitor triggers.
enable_samples
boolean
Whether or not to send a list of samples when the monitor triggers. This is only used by CI Test and Pipeline monitors.
escalation_message
string
We recommend using the is_renotify,
block in the original message instead.
A message to include with a re-notification. Supports the @username notification we allow elsewhere.
Not applicable if renotify_interval is None.
evaluation_delay
int64
Time (in seconds) to delay evaluation, as a non-negative integer. For example, if the value is set to 300 (5min),
the timeframe is set to last_5m and the time is 7:00, the monitor evaluates data from 6:50 to 6:55.
This is useful for AWS CloudWatch and other backfilled metrics to ensure the monitor always has data during evaluation.
group_retention_duration
string
The time span after which groups with missing data are dropped from the monitor state.
The minimum value is one hour, and the maximum value is 72 hours.
Example values are: "60m", "1h", and "2d".
This option is only available for APM Trace Analytics, Audit Trail, CI, Error Tracking, Event, Logs, and RUM monitors.
groupby_simple_monitor
boolean
DEPRECATED: Whether the log alert monitor triggers a single alert or multiple alerts when any group breaches a threshold. Use notify_by instead.
include_tags
boolean
A Boolean indicating whether notifications from this monitor automatically inserts its triggering tags into the title.
Examples
If True, [Triggered on {host:h1}] Monitor Title
If False, [Triggered] Monitor Title
default: true
locked
boolean
DEPRECATED: Whether or not the monitor is locked (only editable by creator and admins). Use restricted_roles instead.
min_failure_duration
int64
How long the test should be in failure before alerting (integer, number of seconds, max 7200).
min_location_failed
int64
The minimum number of locations in failure at the same time during
at least one moment in the min_failure_duration period (min_location_failed and min_failure_duration
are part of the advanced alerting rules - integer, >= 1).
default: 1
new_group_delay
int64
Time (in seconds) to skip evaluations for new groups.
For example, this option can be used to skip evaluations for new hosts while they initialize.
Must be a non negative integer.
new_host_delay
int64
DEPRECATED: Time (in seconds) to allow a host to boot and applications
to fully start before starting the evaluation of monitor results.
Should be a non negative integer.
Use new_group_delay instead.
default: 300
no_data_timeframe
int64
The number of minutes before a monitor notifies after data stops reporting.
Datadog recommends at least 2x the monitor timeframe for query alerts or 2 minutes for service checks.
If omitted, 2x the evaluation timeframe is used for query alerts, and 24 hours is used for service checks.
notification_preset_name
enum
Toggles the display of additional content sent in the monitor notification.
Allowed enum values: show_all,hide_query,hide_handles,hide_all,hide_query_and_handles,show_only_snapshot,hide_handles_and_footer
default: show_all
notify_audit
boolean
A Boolean indicating whether tagged users is notified on changes to this monitor.
notify_by
[string]
Controls what granularity a monitor alerts on. Only available for monitors with groupings.
For instance, a monitor grouped by cluster, namespace, and pod can be configured to only notify on each
new cluster violating the alert conditions by setting notify_by to ["cluster"]. Tags mentioned
in notify_by must be a subset of the grouping tags in the query.
For example, a query grouped by cluster and namespace cannot notify on region.
Setting notify_by to ["*"] configures the monitor to notify as a simple-alert.
notify_no_data
boolean
A Boolean indicating whether this monitor notifies when data stops reporting. Defaults to false.
on_missing_data
enum
Controls how groups or monitors are treated if an evaluation does not return any data points.
The default option results in different behavior depending on the monitor query type.
For monitors using Count queries, an empty monitor evaluation is treated as 0 and is compared to the threshold conditions.
For monitors using any query type other than Count, for example Gauge, Measure, or Rate, the monitor shows the last known status.
This option is only available for APM Trace Analytics, Audit Trail, CI, Error Tracking, Event, Logs, and RUM monitors.
Allowed enum values: default,show_no_data,show_and_notify_no_data,resolve
renotify_interval
int64
The number of minutes after the last notification before a monitor re-notifies on the current status.
It only re-notifies if it’s not resolved.
renotify_occurrences
int64
The number of times re-notification messages should be sent on the current status at the provided re-notification interval.
renotify_statuses
[string]
The types of monitor statuses for which re-notification messages are sent.
Default: null if renotify_interval is null.
If renotify_interval is set, defaults to renotify on Alert and No Data.
require_full_window
boolean
A Boolean indicating whether this monitor needs a full window of data before it’s evaluated.
We highly recommend you set this to false for sparse metrics,
otherwise some evaluations are skipped. Default is false. This setting only applies to
metric monitors.
scheduling_options
object
Configuration options for scheduling.
custom_schedule
object
Configuration options for the custom schedule. This feature is in private beta.
recurrences
[object]
Array of custom schedule recurrences.
rrule
string
Defines the recurrence rule (RRULE) for a given schedule.
start
string
Defines the start date and time of the recurring schedule.
timezone
string
Defines the timezone the schedule runs on.
evaluation_window
object
Configuration options for the evaluation window. If hour_starts is set, no other fields may be set. Otherwise, day_starts and month_starts must be set together.
day_starts
string
The time of the day at which a one day cumulative evaluation window starts.
hour_starts
int32
The minute of the hour at which a one hour cumulative evaluation window starts.
month_starts
int32
The day of the month at which a one month cumulative evaluation window starts.
timezone
string
The timezone of the time of the day of the cumulative evaluation window start.
silenced
object
DEPRECATED: Information about the downtime applied to the monitor. Only shows v1 downtimes.
<any-key>
int64
UTC epoch timestamp in seconds when the downtime for the group expires.
synthetics_check_id
string
DEPRECATED: ID of the corresponding Synthetic check.
threshold_windows
object
Alerting time window options.
recovery_window
string
Describes how long an anomalous metric must be normal before the alert recovers.
trigger_window
string
Describes how long a metric must be anomalous before an alert triggers.
thresholds
object
List of the different monitor threshold available.
critical
double
The monitor CRITICAL threshold.
critical_query
string
Query evaluated as a dynamic CRITICAL threshold. Only supported on metric monitors with a formula query and options['variables']. Cannot be combined with static thresholds. This field is in preview.
critical_recovery
double
The monitor CRITICAL recovery threshold.
critical_recovery_query
string
Query evaluated as a dynamic CRITICAL recovery threshold. Only supported on metric monitors with a formula query and options['variables']. Cannot be combined with static thresholds. This field is in preview.
ok
double
The monitor OK threshold.
unknown
double
The monitor UNKNOWN threshold.
warning
double
The monitor WARNING threshold.
warning_recovery
double
The monitor WARNING recovery threshold.
timeout_h
int64
The number of hours of the monitor not reporting data before it automatically resolves from a triggered state. The minimum allowed value is 0 hours. The maximum allowed value is 24 hours.
variables
[ <oneOf>]
List of requests that can be used in the monitor query. This feature is currently in beta.
The name assigned to this aggregation, when multiple aggregations are defined for a query.
source
string
Source reference for composite query payloads.
data_source [required]
enum
Data source for event platform-based queries.
Allowed enum values: rum,ci_pipelines,ci_tests,audit,events,logs,spans,database_queries,network,network_path
An array of index names to query in the stream. Omit or use [] to query all indexes at once.
name [required]
string
Name of the query for use in formulas.
search
object
Search options.
query [required]
string
Events search string.
Option 2
object
A formula and functions cost query.
aggregator
enum
Aggregation methods for metric queries.
Allowed enum values: avg,sum,max,min,last,area,l2norm,percentile,stddev
data_source [required]
enum
Data source for cost queries.
Allowed enum values: metrics,cloud_cost,datadog_usage
name [required]
string
Name of the query for use in formulas.
query [required]
string
The monitor query.
Option 3
object
A formula and functions data quality query.
data_source [required]
enum
Data source for data quality queries.
Allowed enum values: data_quality_metrics
filter [required]
string
Filter expression used to match on data entities. Uses Aastra query syntax.
group_by
[string]
Optional grouping fields for aggregation.
measure [required]
string
The data quality measure to query. Common values include:
bytes, cardinality, custom, freshness, max, mean, min,
nullness, percent_negative, percent_zero, row_count, stddev,
sum, uniqueness. Additional values may be supported.
monitor_options
object
Monitor configuration options for data quality queries.
crontab_override
string
Crontab expression to override the default schedule.
custom_sql
string
Custom SQL query for the monitor.
custom_where
string
Custom WHERE clause for the query.
group_by_columns
[string]
Columns to group results by.
model_type_override
enum
Override for the model type used in anomaly detection.
Allowed enum values: freshness,percentage,any
name [required]
string
Name of the query for use in formulas.
schema_version
string
Schema version for the data quality query.
scope
string
Optional scoping expression to further filter metrics. Uses metrics filter syntax.
This is useful when an entity has been configured to emit metrics with additional tags.
Option 4
object
A formula and functions data jobs query.
job_type [required]
string
The type of job being monitored. Valid values include:
databricks.job, spark.application, airflow.dag,
dbt.job, dbt.model, dbt.test, glue.job.
Custom job types are supported with the custom.ol. prefix.
jobs_query [required]
string
Filter expression used to select the jobs to monitor.
name [required]
string
Name of the query for use in formulas. Must be run_query.
query_dialect [required]
string
Query dialect for data jobs queries. Currently only metric is supported.
Option 5
object
A formula and functions aggregate augmented query. Used to enrich base query results with data from a reference table.
augment_query [required]
<oneOf>
Augment query for aggregate augmented queries. Can be an events query or a reference table query.
The name assigned to this aggregation, when multiple aggregations are defined for a query.
source
string
Source reference for composite query payloads.
data_source [required]
enum
Data source for event platform-based queries.
Allowed enum values: rum,ci_pipelines,ci_tests,audit,events,logs,spans,database_queries,network,network_path
The name assigned to this aggregation, when multiple aggregations are defined for a query.
source
string
Source reference for composite query payloads.
data_source [required]
enum
Data source for event platform-based queries.
Allowed enum values: rum,ci_pipelines,ci_tests,audit,events,logs,spans,database_queries,network,network_path
The name assigned to this aggregation, when multiple aggregations are defined for a query.
source
string
Source reference for composite query payloads.
data_source [required]
enum
Data source for event platform-based queries.
Allowed enum values: rum,ci_pipelines,ci_tests,audit,events,logs,spans,database_queries,network,network_path
The name assigned to this aggregation, when multiple aggregations are defined for a query.
source
string
Source reference for composite query payloads.
data_source [required]
enum
Data source for event platform-based queries.
Allowed enum values: rum,ci_pipelines,ci_tests,audit,events,logs,spans,database_queries,network,network_path
The different states your monitor can be in.
Allowed enum values: Alert,Ignored,No Data,OK,Skipped,Unknown,Warn
priority
int64
Integer from 1 (high) to 5 (low) indicating alert severity.
query [required]
string
The monitor query.
restricted_roles
[string]
A list of unique role identifiers to define which roles are allowed to edit the monitor. The unique identifiers for all roles can be pulled from the Roles API and are located in the data.id field. Editing a monitor includes any updates to the monitor configuration, monitor deletion, and muting of the monitor for any amount of time. You can use the Restriction Policies API to manage write authorization for individual monitors by teams and users, in addition to roles.
state
object
Wrapper object with the different monitor states.
groups
object
Dictionary where the keys are groups (comma separated lists of tags) and the values are
the list of groups your monitor is broken down on.
<any-key>
object
Monitor state for a single group.
last_nodata_ts
int64
Latest timestamp the monitor was in NO_DATA state.
last_notified_ts
int64
Latest timestamp of the notification sent for this monitor group.
last_resolved_ts
int64
Latest timestamp the monitor group was resolved.
last_triggered_ts
int64
Latest timestamp the monitor group triggered.
name
string
The name of the monitor.
status
enum
The different states your monitor can be in.
Allowed enum values: Alert,Ignored,No Data,OK,Skipped,Unknown,Warn
tags
[string]
Tags associated to your monitor.
type [required]
enum
The type of the monitor. For more information about type, see the monitor options docs.
Allowed enum values: composite,event alert,log alert,metric alert,process alert,query alert,rum alert,service check,synthetics alert,trace-analytics alertShow 12 more,slo alert,event-v2 alert,audit alert,ci-pipelines alert,ci-tests alert,error-tracking alert,database-monitoring alert,network-performance alert,cost alert,data-quality alert,network-path alert,data-jobs alert
## default
#
# Curl command curl-XPOST"https://api.ap1.datadoghq.com"https://api.ap2.datadoghq.com"https://api.datadoghq.eu"https://api.ddog-gov.com"https://api.us2.ddog-gov.com"https://api.datadoghq.com"https://api.us3.datadoghq.com"https://api.us5.datadoghq.com/api/v1/monitor" \
-H"Accept: application/json" \
-H"Content-Type: application/json" \
-H"DD-API-KEY: ${DD_API_KEY}" \
-H"DD-APPLICATION-KEY: ${DD_APP_KEY}" \
-d@-<<EOF{
"message": "You may need to add web hosts if this is consistently high.",
"name": "Bytes received on host0",
"options": {
"no_data_timeframe": 20,
"notify_no_data": true
},
"priority": 3,
"query": "avg(last_5m):sum:system.net.bytes_rcvd{host:host0} \u003e 100",
"tags": [
"app:webserver",
"frontend"
],
"type": "query alert"
}EOF
## default
#
# Curl command curl-XPOST"https://api.ap1.datadoghq.com"https://api.ap2.datadoghq.com"https://api.datadoghq.eu"https://api.ddog-gov.com"https://api.us2.ddog-gov.com"https://api.datadoghq.com"https://api.us3.datadoghq.com"https://api.us5.datadoghq.com/api/v1/monitor" \
-H"Accept: application/json" \
-H"Content-Type: application/json" \
-H"DD-API-KEY: ${DD_API_KEY}" \
-H"DD-APPLICATION-KEY: ${DD_APP_KEY}" \
-d@-<<EOF{
"message": "You may need to add web hosts if this is consistently high.",
"name": "Bytes received on host0",
"options": {
"no_data_timeframe": 20,
"notify_no_data": true
},
"priority": 3,
"query": "avg(last_5m):sum:system.net.bytes_rcvd{host:host0} \u003e 100",
"tags": [
"app:webserver",
"frontend"
],
"type": "query alert"
}EOF
## default
#
# Curl command curl-XPOST"https://api.ap1.datadoghq.com"https://api.ap2.datadoghq.com"https://api.datadoghq.eu"https://api.ddog-gov.com"https://api.us2.ddog-gov.com"https://api.datadoghq.com"https://api.us3.datadoghq.com"https://api.us5.datadoghq.com/api/v1/monitor" \
-H"Accept: application/json" \
-H"Content-Type: application/json" \
-H"DD-API-KEY: ${DD_API_KEY}" \
-H"DD-APPLICATION-KEY: ${DD_APP_KEY}" \
-d@-<<EOF{
"message": "You may need to add web hosts if this is consistently high.",
"name": "Bytes received on host0",
"options": {
"no_data_timeframe": 20,
"notify_no_data": true
},
"priority": 3,
"query": "avg(last_5m):sum:system.net.bytes_rcvd{host:host0} \u003e 100",
"tags": [
"app:webserver",
"frontend"
],
"type": "query alert"
}EOF
// Create a Cost Monitor returns "OK" responsepackagemainimport("context""encoding/json""fmt""os""github.com/DataDog/datadog-api-client-go/v2/api/datadog""github.com/DataDog/datadog-api-client-go/v2/api/datadogV1")funcmain(){body:=datadogV1.Monitor{Name:datadog.PtrString("Example Monitor"),Type:datadogV1.MONITORTYPE_COST_ALERT,Query:`formula("exclude_null(query1)").last("7d").anomaly(direction="above", threshold=10) >= 5`,Message:datadog.PtrString("some message Notify: @hipchat-channel"),Tags:[]string{"test:examplemonitor","env:ci",},Priority:*datadog.NewNullableInt64(datadog.PtrInt64(3)),Options:&datadogV1.MonitorOptions{Thresholds:&datadogV1.MonitorThresholds{Critical:datadog.PtrFloat64(5),Warning:*datadog.NewNullableFloat64(datadog.PtrFloat64(3)),},Variables:[]datadogV1.MonitorFormulaAndFunctionQueryDefinition{datadogV1.MonitorFormulaAndFunctionQueryDefinition{MonitorFormulaAndFunctionCostQueryDefinition:&datadogV1.MonitorFormulaAndFunctionCostQueryDefinition{DataSource:datadogV1.MONITORFORMULAANDFUNCTIONCOSTDATASOURCE_CLOUD_COST,Query:"sum:aws.cost.net.amortized.shared.resources.allocated{aws_product IN (amplify ,athena, backup, bedrock ) } by {aws_product}.rollup(sum, 86400)",Name:"query1",Aggregator:datadogV1.MONITORFORMULAANDFUNCTIONCOSTAGGREGATOR_SUM.Ptr(),}},},IncludeTags:datadog.PtrBool(true),},}ctx:=datadog.NewDefaultContext(context.Background())configuration:=datadog.NewConfiguration()apiClient:=datadog.NewAPIClient(configuration)api:=datadogV1.NewMonitorsApi(apiClient)resp,r,err:=api.CreateMonitor(ctx,body)iferr!=nil{fmt.Fprintf(os.Stderr,"Error when calling `MonitorsApi.CreateMonitor`: %v\n",err)fmt.Fprintf(os.Stderr,"Full HTTP response: %v\n",r)}responseContent,_:=json.MarshalIndent(resp,""," ")fmt.Fprintf(os.Stdout,"Response from `MonitorsApi.CreateMonitor`:\n%s\n",responseContent)}
// Create a Data Quality monitor returns "OK" responsepackagemainimport("context""encoding/json""fmt""os""github.com/DataDog/datadog-api-client-go/v2/api/datadog""github.com/DataDog/datadog-api-client-go/v2/api/datadogV1")funcmain(){body:=datadogV1.Monitor{Name:datadog.PtrString("Example-Monitor"),Type:datadogV1.MONITORTYPE_DATA_QUALITY_ALERT,Query:`formula("query1").last("5m") > 100`,Message:datadog.PtrString("Data quality alert triggered"),Tags:[]string{"test:examplemonitor","env:ci",},Priority:*datadog.NewNullableInt64(datadog.PtrInt64(3)),Options:&datadogV1.MonitorOptions{Thresholds:&datadogV1.MonitorThresholds{Critical:datadog.PtrFloat64(100),},Variables:[]datadogV1.MonitorFormulaAndFunctionQueryDefinition{datadogV1.MonitorFormulaAndFunctionQueryDefinition{MonitorFormulaAndFunctionDataQualityQueryDefinition:&datadogV1.MonitorFormulaAndFunctionDataQualityQueryDefinition{Name:"query1",DataSource:datadogV1.MONITORFORMULAANDFUNCTIONDATAQUALITYDATASOURCE_DATA_QUALITY_METRICS,Measure:"row_count",Filter:`search for column where `+"`"+`database:production AND table:users`+"`",GroupBy:[]string{"entity_id",},}},},},}ctx:=datadog.NewDefaultContext(context.Background())configuration:=datadog.NewConfiguration()apiClient:=datadog.NewAPIClient(configuration)api:=datadogV1.NewMonitorsApi(apiClient)resp,r,err:=api.CreateMonitor(ctx,body)iferr!=nil{fmt.Fprintf(os.Stderr,"Error when calling `MonitorsApi.CreateMonitor`: %v\n",err)fmt.Fprintf(os.Stderr,"Full HTTP response: %v\n",r)}responseContent,_:=json.MarshalIndent(resp,""," ")fmt.Fprintf(os.Stdout,"Response from `MonitorsApi.CreateMonitor`:\n%s\n",responseContent)}
// Create a RUM formula and functions monitor returns "OK" responsepackagemainimport("context""encoding/json""fmt""os""github.com/DataDog/datadog-api-client-go/v2/api/datadog""github.com/DataDog/datadog-api-client-go/v2/api/datadogV1")funcmain(){body:=datadogV1.Monitor{Name:datadog.PtrString("Example-Monitor"),Type:datadogV1.MONITORTYPE_RUM_ALERT,Query:`formula("query2 / query1 * 100").last("15m") >= 0.8`,Message:datadog.PtrString("some message Notify: @hipchat-channel"),Tags:[]string{"test:examplemonitor","env:ci",},Priority:*datadog.NewNullableInt64(datadog.PtrInt64(3)),Options:&datadogV1.MonitorOptions{Thresholds:&datadogV1.MonitorThresholds{Critical:datadog.PtrFloat64(0.8),},Variables:[]datadogV1.MonitorFormulaAndFunctionQueryDefinition{datadogV1.MonitorFormulaAndFunctionQueryDefinition{MonitorFormulaAndFunctionEventQueryDefinition:&datadogV1.MonitorFormulaAndFunctionEventQueryDefinition{DataSource:datadogV1.MONITORFORMULAANDFUNCTIONEVENTSDATASOURCE_RUM,Name:"query2",Search:&datadogV1.MonitorFormulaAndFunctionEventQueryDefinitionSearch{Query:"",},Indexes:[]string{"*",},Compute:datadogV1.MonitorFormulaAndFunctionEventQueryDefinitionCompute{Aggregation:datadogV1.MONITORFORMULAANDFUNCTIONEVENTAGGREGATION_COUNT,},GroupBy:[]datadogV1.MonitorFormulaAndFunctionEventQueryGroupBy{},}},datadogV1.MonitorFormulaAndFunctionQueryDefinition{MonitorFormulaAndFunctionEventQueryDefinition:&datadogV1.MonitorFormulaAndFunctionEventQueryDefinition{DataSource:datadogV1.MONITORFORMULAANDFUNCTIONEVENTSDATASOURCE_RUM,Name:"query1",Search:&datadogV1.MonitorFormulaAndFunctionEventQueryDefinitionSearch{Query:"status:error",},Indexes:[]string{"*",},Compute:datadogV1.MonitorFormulaAndFunctionEventQueryDefinitionCompute{Aggregation:datadogV1.MONITORFORMULAANDFUNCTIONEVENTAGGREGATION_COUNT,},GroupBy:[]datadogV1.MonitorFormulaAndFunctionEventQueryGroupBy{},}},},},}ctx:=datadog.NewDefaultContext(context.Background())configuration:=datadog.NewConfiguration()apiClient:=datadog.NewAPIClient(configuration)api:=datadogV1.NewMonitorsApi(apiClient)resp,r,err:=api.CreateMonitor(ctx,body)iferr!=nil{fmt.Fprintf(os.Stderr,"Error when calling `MonitorsApi.CreateMonitor`: %v\n",err)fmt.Fprintf(os.Stderr,"Full HTTP response: %v\n",r)}responseContent,_:=json.MarshalIndent(resp,""," ")fmt.Fprintf(os.Stdout,"Response from `MonitorsApi.CreateMonitor`:\n%s\n",responseContent)}
fromdatadogimportinitialize,apioptions={'api_key':'<DATADOG_API_KEY>','app_key':'<DATADOG_APPLICATION_KEY>'}initialize(**options)# Create a new monitormonitor_options={"notify_no_data":True,"no_data_timeframe":20}tags=["app:webserver","frontend"]api.Monitor.create(type="query alert",query="avg(last_5m):sum:system.net.bytes_rcvd{host:host0} > 100",name="Bytes received on host0",message="We may need to add web hosts if this is consistently high.",tags=tags,options=monitor_options)
"""
Create a Cost Monitor returns "OK" response
"""fromdatadog_api_clientimportApiClient,Configurationfromdatadog_api_client.v1.api.monitors_apiimportMonitorsApifromdatadog_api_client.v1.model.monitorimportMonitorfromdatadog_api_client.v1.model.monitor_formula_and_function_cost_aggregatorimport(MonitorFormulaAndFunctionCostAggregator,)fromdatadog_api_client.v1.model.monitor_formula_and_function_cost_data_sourceimport(MonitorFormulaAndFunctionCostDataSource,)fromdatadog_api_client.v1.model.monitor_formula_and_function_cost_query_definitionimport(MonitorFormulaAndFunctionCostQueryDefinition,)fromdatadog_api_client.v1.model.monitor_optionsimportMonitorOptionsfromdatadog_api_client.v1.model.monitor_thresholdsimportMonitorThresholdsfromdatadog_api_client.v1.model.monitor_typeimportMonitorTypebody=Monitor(name="Example Monitor",type=MonitorType.COST_ALERT,query='formula("exclude_null(query1)").last("7d").anomaly(direction="above", threshold=10) >= 5',message="some message Notify: @hipchat-channel",tags=["test:examplemonitor","env:ci",],priority=3,options=MonitorOptions(thresholds=MonitorThresholds(critical=5.0,warning=3.0,),variables=[MonitorFormulaAndFunctionCostQueryDefinition(data_source=MonitorFormulaAndFunctionCostDataSource.CLOUD_COST,query="sum:aws.cost.net.amortized.shared.resources.allocated{aws_product IN (amplify ,athena, backup, bedrock ) } by {aws_product}.rollup(sum, 86400)",name="query1",aggregator=MonitorFormulaAndFunctionCostAggregator.SUM,),],include_tags=True,),)configuration=Configuration()withApiClient(configuration)asapi_client:api_instance=MonitorsApi(api_client)response=api_instance.create_monitor(body=body)print(response)
"""
Create a Data Quality monitor returns "OK" response
"""fromdatadog_api_clientimportApiClient,Configurationfromdatadog_api_client.v1.api.monitors_apiimportMonitorsApifromdatadog_api_client.v1.model.monitorimportMonitorfromdatadog_api_client.v1.model.monitor_formula_and_function_data_quality_data_sourceimport(MonitorFormulaAndFunctionDataQualityDataSource,)fromdatadog_api_client.v1.model.monitor_formula_and_function_data_quality_query_definitionimport(MonitorFormulaAndFunctionDataQualityQueryDefinition,)fromdatadog_api_client.v1.model.monitor_optionsimportMonitorOptionsfromdatadog_api_client.v1.model.monitor_thresholdsimportMonitorThresholdsfromdatadog_api_client.v1.model.monitor_typeimportMonitorTypebody=Monitor(name="Example-Monitor",type=MonitorType.DATA_QUALITY_ALERT,query='formula("query1").last("5m") > 100',message="Data quality alert triggered",tags=["test:examplemonitor","env:ci",],priority=3,options=MonitorOptions(thresholds=MonitorThresholds(critical=100.0,),variables=[MonitorFormulaAndFunctionDataQualityQueryDefinition(name="query1",data_source=MonitorFormulaAndFunctionDataQualityDataSource.DATA_QUALITY_METRICS,measure="row_count",filter="search for column where `database:production AND table:users`",group_by=["entity_id",],),],),)configuration=Configuration()withApiClient(configuration)asapi_client:api_instance=MonitorsApi(api_client)response=api_instance.create_monitor(body=body)print(response)
"""
Create a RUM formula and functions monitor returns "OK" response
"""fromdatadog_api_clientimportApiClient,Configurationfromdatadog_api_client.v1.api.monitors_apiimportMonitorsApifromdatadog_api_client.v1.model.monitorimportMonitorfromdatadog_api_client.v1.model.monitor_formula_and_function_event_aggregationimport(MonitorFormulaAndFunctionEventAggregation,)fromdatadog_api_client.v1.model.monitor_formula_and_function_event_query_definitionimport(MonitorFormulaAndFunctionEventQueryDefinition,)fromdatadog_api_client.v1.model.monitor_formula_and_function_event_query_definition_computeimport(MonitorFormulaAndFunctionEventQueryDefinitionCompute,)fromdatadog_api_client.v1.model.monitor_formula_and_function_event_query_definition_searchimport(MonitorFormulaAndFunctionEventQueryDefinitionSearch,)fromdatadog_api_client.v1.model.monitor_formula_and_function_events_data_sourceimport(MonitorFormulaAndFunctionEventsDataSource,)fromdatadog_api_client.v1.model.monitor_optionsimportMonitorOptionsfromdatadog_api_client.v1.model.monitor_thresholdsimportMonitorThresholdsfromdatadog_api_client.v1.model.monitor_typeimportMonitorTypebody=Monitor(name="Example-Monitor",type=MonitorType.RUM_ALERT,query='formula("query2 / query1 * 100").last("15m") >= 0.8',message="some message Notify: @hipchat-channel",tags=["test:examplemonitor","env:ci",],priority=3,options=MonitorOptions(thresholds=MonitorThresholds(critical=0.8,),variables=[MonitorFormulaAndFunctionEventQueryDefinition(data_source=MonitorFormulaAndFunctionEventsDataSource.RUM,name="query2",search=MonitorFormulaAndFunctionEventQueryDefinitionSearch(query="",),indexes=["*",],compute=MonitorFormulaAndFunctionEventQueryDefinitionCompute(aggregation=MonitorFormulaAndFunctionEventAggregation.COUNT,),group_by=[],),MonitorFormulaAndFunctionEventQueryDefinition(data_source=MonitorFormulaAndFunctionEventsDataSource.RUM,name="query1",search=MonitorFormulaAndFunctionEventQueryDefinitionSearch(query="status:error",),indexes=["*",],compute=MonitorFormulaAndFunctionEventQueryDefinitionCompute(aggregation=MonitorFormulaAndFunctionEventAggregation.COUNT,),group_by=[],),],),)configuration=Configuration()withApiClient(configuration)asapi_client:api_instance=MonitorsApi(api_client)response=api_instance.create_monitor(body=body)print(response)
require'dogapi'api_key='<DATADOG_API_KEY>'app_key='<DATADOG_APPLICATION_KEY>'dog=Dogapi::Client.new(api_key,app_key)# Create a new monitoroptions={'notify_no_data'=>true,'no_data_timeframe'=>20}tags=['app:webserver','frontend']dog.monitor('query alert','avg(last_5m):sum:system.net.bytes_rcvd{host:host0} > 100',name:'Bytes received on host0',message:'We may need to add web hosts if this is consistently high.',tags:tags,options:options)
# Create a Cost Monitor returns "OK" responserequire"datadog_api_client"api_instance=DatadogAPIClient::V1::MonitorsAPI.newbody=DatadogAPIClient::V1::Monitor.new({name:"Example Monitor",type:DatadogAPIClient::V1::MonitorType::COST_ALERT,query:'formula("exclude_null(query1)").last("7d").anomaly(direction="above", threshold=10) >= 5',message:"some message Notify: @hipchat-channel",tags:["test:examplemonitor","env:ci",],priority:3,options:DatadogAPIClient::V1::MonitorOptions.new({thresholds:DatadogAPIClient::V1::MonitorThresholds.new({critical:5,warning:3,}),variables:[DatadogAPIClient::V1::MonitorFormulaAndFunctionCostQueryDefinition.new({data_source:DatadogAPIClient::V1::MonitorFormulaAndFunctionCostDataSource::CLOUD_COST,query:"sum:aws.cost.net.amortized.shared.resources.allocated{aws_product IN (amplify ,athena, backup, bedrock ) } by {aws_product}.rollup(sum, 86400)",name:"query1",aggregator:DatadogAPIClient::V1::MonitorFormulaAndFunctionCostAggregator::SUM,}),],include_tags:true,}),})papi_instance.create_monitor(body)
# Create a Data Quality monitor returns "OK" responserequire"datadog_api_client"api_instance=DatadogAPIClient::V1::MonitorsAPI.newbody=DatadogAPIClient::V1::Monitor.new({name:"Example-Monitor",type:DatadogAPIClient::V1::MonitorType::DATA_QUALITY_ALERT,query:'formula("query1").last("5m") > 100',message:"Data quality alert triggered",tags:["test:examplemonitor","env:ci",],priority:3,options:DatadogAPIClient::V1::MonitorOptions.new({thresholds:DatadogAPIClient::V1::MonitorThresholds.new({critical:100,}),variables:[DatadogAPIClient::V1::MonitorFormulaAndFunctionDataQualityQueryDefinition.new({name:"query1",data_source:DatadogAPIClient::V1::MonitorFormulaAndFunctionDataQualityDataSource::DATA_QUALITY_METRICS,measure:"row_count",filter:"search for column where `database:production AND table:users`",group_by:["entity_id",],}),],}),})papi_instance.create_monitor(body)
# Create a RUM formula and functions monitor returns "OK" responserequire"datadog_api_client"api_instance=DatadogAPIClient::V1::MonitorsAPI.newbody=DatadogAPIClient::V1::Monitor.new({name:"Example-Monitor",type:DatadogAPIClient::V1::MonitorType::RUM_ALERT,query:'formula("query2 / query1 * 100").last("15m") >= 0.8',message:"some message Notify: @hipchat-channel",tags:["test:examplemonitor","env:ci",],priority:3,options:DatadogAPIClient::V1::MonitorOptions.new({thresholds:DatadogAPIClient::V1::MonitorThresholds.new({critical:0.8,}),variables:[DatadogAPIClient::V1::MonitorFormulaAndFunctionEventQueryDefinition.new({data_source:DatadogAPIClient::V1::MonitorFormulaAndFunctionEventsDataSource::RUM,name:"query2",search:DatadogAPIClient::V1::MonitorFormulaAndFunctionEventQueryDefinitionSearch.new({query:"",}),indexes:["*",],compute:DatadogAPIClient::V1::MonitorFormulaAndFunctionEventQueryDefinitionCompute.new({aggregation:DatadogAPIClient::V1::MonitorFormulaAndFunctionEventAggregation::COUNT,}),group_by:[],}),DatadogAPIClient::V1::MonitorFormulaAndFunctionEventQueryDefinition.new({data_source:DatadogAPIClient::V1::MonitorFormulaAndFunctionEventsDataSource::RUM,name:"query1",search:DatadogAPIClient::V1::MonitorFormulaAndFunctionEventQueryDefinitionSearch.new({query:"status:error",}),indexes:["*",],compute:DatadogAPIClient::V1::MonitorFormulaAndFunctionEventQueryDefinitionCompute.new({aggregation:DatadogAPIClient::V1::MonitorFormulaAndFunctionEventAggregation::COUNT,}),group_by:[],}),],}),})papi_instance.create_monitor(body)
// Create a Cost Monitor returns "OK" response
usedatadog_api_client::datadog;usedatadog_api_client::datadogV1::api_monitors::MonitorsAPI;usedatadog_api_client::datadogV1::model::Monitor;usedatadog_api_client::datadogV1::model::MonitorFormulaAndFunctionCostAggregator;usedatadog_api_client::datadogV1::model::MonitorFormulaAndFunctionCostDataSource;usedatadog_api_client::datadogV1::model::MonitorFormulaAndFunctionCostQueryDefinition;usedatadog_api_client::datadogV1::model::MonitorFormulaAndFunctionQueryDefinition;usedatadog_api_client::datadogV1::model::MonitorOptions;usedatadog_api_client::datadogV1::model::MonitorThresholds;usedatadog_api_client::datadogV1::model::MonitorType;#[tokio::main]asyncfnmain(){letbody=Monitor::new(r#"formula("exclude_null(query1)").last("7d").anomaly(direction="above", threshold=10) >= 5"#.to_string(),MonitorType::COST_ALERT,).message("some message Notify: @hipchat-channel".to_string()).name("Example Monitor".to_string()).options(MonitorOptions::new().include_tags(true).thresholds(MonitorThresholds::new().critical(5.0asf64).warning(Some(3.0asf64))).variables(vec![MonitorFormulaAndFunctionQueryDefinition::MonitorFormulaAndFunctionCostQueryDefinition(Box::new(MonitorFormulaAndFunctionCostQueryDefinition::new(MonitorFormulaAndFunctionCostDataSource::CLOUD_COST,"query1".to_string(),"sum:aws.cost.net.amortized.shared.resources.allocated{aws_product IN (amplify ,athena, backup, bedrock ) } by {aws_product}.rollup(sum, 86400)".to_string(),).aggregator(MonitorFormulaAndFunctionCostAggregator::SUM),),)],),).priority(Some(3)).tags(vec!["test:examplemonitor".to_string(),"env:ci".to_string()]);letconfiguration=datadog::Configuration::new();letapi=MonitorsAPI::with_config(configuration);letresp=api.create_monitor(body).await;ifletOk(value)=resp{println!("{:#?}",value);}else{println!("{:#?}",resp.unwrap_err());}}
// Create a Data Quality monitor returns "OK" response
usedatadog_api_client::datadog;usedatadog_api_client::datadogV1::api_monitors::MonitorsAPI;usedatadog_api_client::datadogV1::model::Monitor;usedatadog_api_client::datadogV1::model::MonitorFormulaAndFunctionDataQualityDataSource;usedatadog_api_client::datadogV1::model::MonitorFormulaAndFunctionDataQualityQueryDefinition;usedatadog_api_client::datadogV1::model::MonitorFormulaAndFunctionQueryDefinition;usedatadog_api_client::datadogV1::model::MonitorOptions;usedatadog_api_client::datadogV1::model::MonitorThresholds;usedatadog_api_client::datadogV1::model::MonitorType;#[tokio::main]asyncfnmain(){letbody=Monitor::new(r#"formula("query1").last("5m") > 100"#.to_string(),MonitorType::DATA_QUALITY_ALERT).message("Data quality alert triggered".to_string()).name("Example-Monitor".to_string()).options(MonitorOptions::new().thresholds(MonitorThresholds::new().critical(100.0asf64)).variables(vec![MonitorFormulaAndFunctionQueryDefinition::MonitorFormulaAndFunctionDataQualityQueryDefinition(Box::new(MonitorFormulaAndFunctionDataQualityQueryDefinition::new(MonitorFormulaAndFunctionDataQualityDataSource::DATA_QUALITY_METRICS,r#"search for column where `database:production AND table:users`"#.to_string(),"row_count".to_string(),"query1".to_string(),).group_by(vec!["entity_id".to_string()]),),)],),).priority(Some(3)).tags(vec!["test:examplemonitor".to_string(),"env:ci".to_string()]);letconfiguration=datadog::Configuration::new();letapi=MonitorsAPI::with_config(configuration);letresp=api.create_monitor(body).await;ifletOk(value)=resp{println!("{:#?}",value);}else{println!("{:#?}",resp.unwrap_err());}}
// Create a RUM formula and functions monitor returns "OK" response
usedatadog_api_client::datadog;usedatadog_api_client::datadogV1::api_monitors::MonitorsAPI;usedatadog_api_client::datadogV1::model::Monitor;usedatadog_api_client::datadogV1::model::MonitorFormulaAndFunctionEventAggregation;usedatadog_api_client::datadogV1::model::MonitorFormulaAndFunctionEventQueryDefinition;usedatadog_api_client::datadogV1::model::MonitorFormulaAndFunctionEventQueryDefinitionCompute;usedatadog_api_client::datadogV1::model::MonitorFormulaAndFunctionEventQueryDefinitionSearch;usedatadog_api_client::datadogV1::model::MonitorFormulaAndFunctionEventsDataSource;usedatadog_api_client::datadogV1::model::MonitorFormulaAndFunctionQueryDefinition;usedatadog_api_client::datadogV1::model::MonitorOptions;usedatadog_api_client::datadogV1::model::MonitorThresholds;usedatadog_api_client::datadogV1::model::MonitorType;#[tokio::main]asyncfnmain(){letbody=Monitor::new(r#"formula("query2 / query1 * 100").last("15m") >= 0.8"#.to_string(),MonitorType::RUM_ALERT).message("some message Notify: @hipchat-channel".to_string()).name("Example-Monitor".to_string()).options(MonitorOptions::new().thresholds(MonitorThresholds::new().critical(0.8asf64)).variables(vec![MonitorFormulaAndFunctionQueryDefinition::MonitorFormulaAndFunctionEventQueryDefinition(Box::new(MonitorFormulaAndFunctionEventQueryDefinition::new(MonitorFormulaAndFunctionEventQueryDefinitionCompute::new(MonitorFormulaAndFunctionEventAggregation::COUNT,),MonitorFormulaAndFunctionEventsDataSource::RUM,"query2".to_string(),).group_by(vec![]).indexes(vec!["*".to_string()]).search(MonitorFormulaAndFunctionEventQueryDefinitionSearch::new("".to_string()),),),),MonitorFormulaAndFunctionQueryDefinition::MonitorFormulaAndFunctionEventQueryDefinition(Box::new(MonitorFormulaAndFunctionEventQueryDefinition::new(MonitorFormulaAndFunctionEventQueryDefinitionCompute::new(MonitorFormulaAndFunctionEventAggregation::COUNT,),MonitorFormulaAndFunctionEventsDataSource::RUM,"query1".to_string(),).group_by(vec![]).indexes(vec!["*".to_string()]).search(MonitorFormulaAndFunctionEventQueryDefinitionSearch::new("status:error".to_string(),),),),)],),).priority(Some(3)).tags(vec!["test:examplemonitor".to_string(),"env:ci".to_string()]);letconfiguration=datadog::Configuration::new();letapi=MonitorsAPI::with_config(configuration);letresp=api.create_monitor(body).await;ifletOk(value)=resp{println!("{:#?}",value);}else{println!("{:#?}",resp.unwrap_err());}}
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com"DD_API_KEY="<DD_API_KEY>"DD_APP_KEY="<DD_APP_KEY>"cargo run
/**
* Create a Cost Monitor returns "OK" response
*/import{client,v1}from"@datadog/datadog-api-client";constconfiguration=client.createConfiguration();constapiInstance=newv1.MonitorsApi(configuration);constparams: v1.MonitorsApiCreateMonitorRequest={body:{name:"Example Monitor",type:"cost alert",query:`formula("exclude_null(query1)").last("7d").anomaly(direction="above", threshold=10) >= 5`,message:"some message Notify: @hipchat-channel",tags:["test:examplemonitor","env:ci"],priority: 3,options:{thresholds:{critical: 5,warning: 3,},variables:[{dataSource:"cloud_cost",query:"sum:aws.cost.net.amortized.shared.resources.allocated{aws_product IN (amplify ,athena, backup, bedrock ) } by {aws_product}.rollup(sum, 86400)",name:"query1",aggregator:"sum",},],includeTags: true,},},};apiInstance.createMonitor(params).then((data: v1.Monitor)=>{console.log("API called successfully. Returned data: "+JSON.stringify(data));}).catch((error: any)=>console.error(error));
/**
* Create a Data Quality monitor returns "OK" response
*/import{client,v1}from"@datadog/datadog-api-client";constconfiguration=client.createConfiguration();constapiInstance=newv1.MonitorsApi(configuration);constparams: v1.MonitorsApiCreateMonitorRequest={body:{name:"Example-Monitor",type:"data-quality alert",query:`formula("query1").last("5m") > 100`,message:"Data quality alert triggered",tags:["test:examplemonitor","env:ci"],priority: 3,options:{thresholds:{critical: 100,},variables:[{name:"query1",dataSource:"data_quality_metrics",measure:"row_count",filter:`search for column where `+"`"+`database:production AND table:users`+"`",groupBy:["entity_id"],},],},},};apiInstance.createMonitor(params).then((data: v1.Monitor)=>{console.log("API called successfully. Returned data: "+JSON.stringify(data));}).catch((error: any)=>console.error(error));
/**
* Create a RUM formula and functions monitor returns "OK" response
*/import{client,v1}from"@datadog/datadog-api-client";constconfiguration=client.createConfiguration();constapiInstance=newv1.MonitorsApi(configuration);constparams: v1.MonitorsApiCreateMonitorRequest={body:{name:"Example-Monitor",type:"rum alert",query:`formula("query2 / query1 * 100").last("15m") >= 0.8`,message:"some message Notify: @hipchat-channel",tags:["test:examplemonitor","env:ci"],priority: 3,options:{thresholds:{critical: 0.8,},variables:[{dataSource:"rum",name:"query2",search:{query:"",},indexes:["*"],compute:{aggregation:"count",},groupBy:[],},{dataSource:"rum",name:"query1",search:{query:"status:error",},indexes:["*"],compute:{aggregation:"count",},groupBy:[],},],},},};apiInstance.createMonitor(params).then((data: v1.Monitor)=>{console.log("API called successfully. Returned data: "+JSON.stringify(data));}).catch((error: any)=>console.error(error));
