- 필수 기능
- 시작하기
- Glossary
- 표준 속성
- Guides
- Agent
- 통합
- 개방형텔레메트리
- 개발자
- Administrator's Guide
- API
- Datadog Mobile App
- CoScreen
- Cloudcraft
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- APM
- Continuous Profiler
- 스팬 시각화
- 데이터 스트림 모니터링
- 데이터 작업 모니터링
- 디지털 경험
- 소프트웨어 제공
- 보안
- AI Observability
- 로그 관리
- 관리
Datadog automatically creates events from various products including monitors, Watchdog, and Error Tracking. You can also track events generated from the Agent and installed integrations and ingest events from sources, including alert events from third parties, change requests, deployments, configuration changes.
Event monitors alert on ingested events that match a search query, allowing you to focus attention on the events that matter most to your team.
To create an event monitor in Datadog, navigate to Monitors > New Monitor > Event.
As you define the search query, the top graph updates.
Construct a search query using the Event Explorer search syntax.
Choose to monitor over an event count, facet, tags, or attributes:
Group events by multiple dimensions (optional):
All events matching the query are aggregated into groups based on the value of up to four event facets. When there are multiple dimensions, the top values are determined according to the first dimension, then according to the second dimension within the top values of the first dimension, and so on up to the last dimension. Dimensions limit depends on the total number of dimensions:
Trigger when the query meets one of the following conditions compared to a threshold value:
above
above or equal to
below
below or equal to
equal to
not equal to
Note: Some providers introduce a significant delay between when an event is posted, and when the event is initiated. In this case, Datadog back-dates the event to the time of occurrence, which could place an incoming event outside the current monitor evaluation window. Widening your evaluation window can help account for the time difference.
For detailed instructions on the advanced alert options (auto resolve, evaluation delay, etc.), see the Monitor configuration page.
For detailed instructions on the Configure notifications & automations section, see the Notifications page.
Event monitors have specific template variables you can include in the notification message:
Template variable | Definition |
---|---|
{{event.id}} | The ID of the event. |
{{event.title}} | The title of the event. |
{{event.text}} | The text of the event. |
{{event.host.name}} | The name of the host that generated the event. |
{{event.tags}} | A list of tags attached to the event. |
{{event.tags.<TAG_KEY>}} | The value for a specific tag key attached to the event. See the example below. |
key:value
syntaxFor the tags env:test
, env:staging
, and env:prod
:
env
is the tag key.test
, staging
, and prod
are the tag values.The template variable is {{event.tags.env}}
. The result of using this template variable is test
, staging
, or prod
.
Configure the alert grouping strategy:
* Simple-Alert: Simple alerts aggregate over all reporting sources. You receive one alert when the aggregated value meets the set conditions. This works best to monitor a metric from a single host or the sum of a metric across many hosts. This strategy may be selected to reduce notification noise.
* Multi Alert: Multi alerts apply the alert to each source according to your group parameters, up to 1000 matching groups. An alerting event is generated for each group that meets the set conditions. For example, you can group by host
to receive separate alerts for each host.