Trigger Alerts
Abnormal traffic patterns or errors in API usage can indicate problems or malicious attacks. By setting up alerts for certain thresholds and activities, you can quickly detect and gain insights into patterns that might indicate a security breach, abuse, or abnormal usage.
This tutorial guides you through setting up an alert policy to notify you when a gateway instance goes offline. The policy will call a webhook to notify relevant parties if a gateway instance goes offline within the last 10 minutes.
Prerequisites
- Install API7 Enterprise.
- Have a running API on the gateway group.
- Get the webhook URL of your notification system.
Add a Webhook Template
Each alert policy requires at least one webhook template for notifications. A webhook template defines the content and structure of data sent via webhook when an event occurs. Multiple policies can share the same webhook templates.
Webhooks are a way for different applications or services to communicate with each other in real-time by sending HTTP requests to a predefined URL when certain events happen.
Select Alert from the side navigation bar, then click Webhook Templates.
Click Add Template.
Use
Email-notice
as the template name, and your webhook URL as the URL. This tutorial uses awebhook.site
URL as an example.In the Notification Template field (request body of the webhook), apply the following configurations. The
Title
,Severity
andDetail
fields come from the alert policy:hello, here is an alert example.
Title: {{ .Title }}
AlertTime: {{ .AlertTime.Format "2006 Jan 02 15:04:05" }}
Severity: {{.Severity}}
Detail: {{.Detail}}Click Add.
For more information on the notification template, see template reference.
Add an Alert Policy
An alert policy is a predefined set of conditions and rules that are configured to trigger specific actions or notifications when certain events or conditions occur.
- Select Alert from the side navigation bar, then click Policies.
- Click Add Policy.
- Enter the policy name. This tutorial will use
gateway-instance-offline
as an example. - Click Add.
- Click the newly created alert policy.
- On Trigger Conditions, click Update.
- Choose
gateway instance offline
as condition 1, then choose5 minutes
. - Click Update.
- On Basics, click Update and then apply the following configuration:
- Alert Title:
API7 Gateway Instance Offline
- Alert Detail:
Please check the instance and recover it immediately
- Click Update.
- On Webhook Notifications, click Enable to enable the
Email-notice
template.
Validate
Manually stop a gateway instance and you should see the following output:
hello, here is an alert example.
Title: API7 Gateway Instance Offline
AlertTime: 2006 Jan 02 15:04:05"
Severity: Medium
Detail: Please check the instance and recover immediately