Skip to main content

Alert notification policies

Alert notification policies let you configure automated notifications for alerts that the Virtana Platform generates. Using these policies to route alert information to communication channels.

Action policies are custom YAML-based configurations that define which alerts trigger notifications and where those notifications are sent, such as Slack, Mattermost, or email. Each policy specifies filtering criteria to match specific alerts and one or more actions to execute when a match is found.

Create a notification Policy YAML file

To set up notifications, you create a YAML file that defines the policy's name, filtering criteria, and the action to perform, such as sending a Slack or Mattermost message. The following sections provide ready-to-use templates for each supported channel.

Notification Policy YAML for Slack

The slack-policy.yaml template configures a policy that sends formatted alert notifications to a Slack channel through the incoming webhook.

name: "slack_action_policy"
description: "Slack notification action policy for event provider: OpsCruise"
criteria: "event_provider: OpsCruise AND -status: Closed AND -summary: (RCA OR SLO OR shell OR job OR Readiness OR Liveness OR \"is not ready\") AND substatus: (New OR AutoResolved OR Closing) AND -subtype: ML AND priority: (Medium OR High) AND -entity_type: appObject"
category: "alert_response"
precedence: 1
actions:
  - type: "action"
    criteria: "true"
    action_type: "slack"
    action_name: "Slack_Notification"
    parameters:
      webhook_url: "<WEBHOOK_URL>"
      message: "{\"channel\": \"<SLACK_CHANNEL>\",\"text\": \"Virtana Alert Notification\",\"blocks\": [{\"type\": \"rich_text\",\"elements\": [{\"type\": \"rich_text_quote\",\"elements\": [{\"type\": \"text\",\"text\": \"Event Provider:    \",\"style\": {\"bold\": true}},{\"type\": \"text\",\"text\": \"$alert.event_provider\\n\"},{\"type\": \"text\",\"text\": \"Ticket ID:              \",\"style\": {\"bold\": true}},{\"type\": \"text\",\"text\": \"$alert.key\\n\"},{\"type\": \"text\",\"text\": \"Creation Time:     \",\"style\": {\"bold\": true}},{\"type\": \"text\",\"text\": \"$alert.created_on\\n\"},{\"type\": \"text\",\"text\": \"North Details:\\n\",\"style\": {\"bold\": true}},{\"type\": \"text\",\"text\": \"  Tenant:                  \",\"style\": {\"bold\": true}},{\"type\": \"text\",\"text\": \"$alert.orgName\\n\"},{\"type\": \"text\",\"text\": \"  Cluster:                 \",\"style\": {\"bold\": true}},{\"type\": \"text\",\"text\": \"$alert.cluster_id\\n\"},{\"type\": \"text\",\"text\": \"South Details:\\n\",\"style\": {\"bold\": true}},{\"type\": \"text\",\"text\": \"  Namespace:         \",\"style\": {\"bold\": true}},{\"type\": \"text\",\"text\": \"$alert.related_entities.namespace\\n\"},{\"type\": \"text\",\"text\": \"  Entity:                   \",\"style\": {\"bold\": true}},{\"type\": \"text\",\"text\": \"$alert.entity_name\\n\"},{\"type\": \"text\",\"text\": \"  Entity Type:         \",\"style\": {\"bold\": true}},{\"type\": \"text\",\"text\": \"$alert.entity_type\\n\"},{\"type\": \"text\",\"text\": \"  Last Activity:         \",\"style\": {\"bold\": true}},{\"type\": \"text\",\"text\": \"$activity.summary\\n\"},{\"type\": \"text\",\"text\": \"Status:                    \",\"style\": {\"bold\": true}},{\"type\": \"text\",\"text\": \"$alert.status ($alert.substatus)\\n\"}]}]},{\"type\": \"section\",\"text\": {\"type\": \"mrkdwn\",\"text\": \"*Summary*: $alert.summary\"}},{\"type\": \"context\",\"elements\": [{\"type\": \"image\",\"image_url\": \"https://static.thenounproject.com/png/2456640-200.png\",\"alt_text\": \"notifications warning icon\"},{\"type\": \"mrkdwn\",\"text\": \"*Priority: $alert.priority*\"}]},{\"type\": \"actions\",\"elements\": [{\"type\": \"button\",\"text\": {\"type\": \"plain_text\",\"text\": \"More Information\"},\"style\": \"primary\",\"url\": \"https://<GLOBALVIEW_HOSTNAME>/ui/ipm/alerts/$alert.key?orgId=$alert.tenant_id\"}]},{\"type\": \"divider\"}]}{...}"   

The following table describes each field in the configuration file.

Table 126.

Field

Description

Default value

name

A unique identifier for the policy.

slack_action_policy

description

A human-readable summary of what the policy does and which event provider it targets.

Slack notification action policy for event provider: OpsCruise

criteria

A filter expression that determines which alerts trigger this policy.

event_provider: OpsCruise AND......

category

The policy category.

alert_response

precedence

An integer that sets the evaluation order when multiple policies exist.

1

actions

A list of actions to execute when the criteria match.

actions[].type

The action entry type.

action

actions[].criteria

A secondary filter is applied within the action.

true

actions[].action_type

The notification channel type.

slack

actions[].action_name

A descriptive label for this action.

Slack_Notification

parameters.webhook_url

The incoming webhook URL for your Slack workspace.

<WEBHOOK_URL>

parameters.message

The notification payload in Slack Block Kit JSON format.



Copy the full YAML template, then replace <GLOBALVIEW_HOSTNAME>, <SLACK_CHANNEL>, and <WEBHOOK_URL> with your actual values before saving.

Notification policy YAML for Mattermost

The mattermost-policy.yaml template configures a policy that sends Markdown-formatted alert notifications to a Mattermost channel via a webhook.

name: "mattermost_action_policy"
description: "Mattermost notification action policy for event provider: OpsCruise"
criteria: "event_provider: OpsCruise AND -status: Closed AND -summary: (RCA OR SLO OR shell OR job OR Readiness OR Liveness OR \"is not ready\") AND substatus: (New OR AutoResolved OR Closing) AND -subtype: ML AND priority: (Medium OR High) AND -entity_type: appObject"
category: "alert_response"
precedence: 1
actions:
  - type: "action"
    criteria: "true"
    action_type: "mattermost"
    action_name: "Mattermost_Notification"
    parameters:
      webhook_url: "<WEBHOOK_URL>"
      message: "###### Summary:\t\t\t[$alert.summary](https://<GLOBALVIEW_HOSTNAME>/ui/ipm/alerts/$alert.key?orgId=$alert.tenant_id)\n**Description:**\t\t $alert.description\n**Creation Time:**\t$alert.created_on\n**Tenant Name:**\t $alert.orgName\n**Cluster Name:**\t $alert.cluster_id\n**Namespace:**\t\t$alert.related_entities.namespace\n**Entity:**\t\t\t\t   $alert.entity_name\n**Entity Type:**\t\t $alert.entity_type\n**Status:**\t\t\t\t  $alert.status ($alert.substatus)\n**Severity:**\t\t\t   ***$alert.priority***"

Copy the full YAML template, then replace <GLOBALVIEW_HOSTNAME> and <WEBHOOK_URL> with your actual values before saving.

Sample alert filtering criteria

The criteria field uses a query syntax to filter which alerts trigger the policy. Below are individual filter expressions you can combine to build your own criteria.

event_provider: OpsCruise
cluster_id: staging
summary: Memory
-summary: RCA
-summary: \"is not ready\"
-summary: shell
-summary: job
-summary: Readiness
-summary: Liveness
-summary: \"SLO\"
-status: Closed
substatus: (New OR AutoResolved OR Closing)
priority: High
-subtype: ML
related_entities.namespace: opscruise

The following table describes each field in the configuration file.

Table 127.

Field

Description

event_provider: OpsCruise

Match alerts from the OpsCruise event provider.

cluster_id: staging

Match alerts from the "staging" cluster.

summary: Memory

Match alerts whose summary contains "Memory".

-summary: RCA

Exclude alerts with "RCA" in the summary.

-summary: "is not ready"

Exclude alerts containing the phrase "is not ready".

-status: Closed

Exclude alerts containing the phrase "is not ready".

substatus: (New OR AutoResolved OR Closing)

Match alerts with any of these sub-statuses.

priority: High

Match only high-priority alerts.

-subtype: ML

Exclude machine-learning-generated alerts.

related_entities.namespace: opscruise

Match alerts in the "opscruise" namespace.



Uploading the Notification Policy to the Virtana Platform (Global View)

Once your YAML file is ready, you can upload it to the Virtana Platform using either the web UI or an API call.

Upload to the Global View

Use this method for a quick, manual upload through the browser.

Perform the steps:

  1. Log in to the Virtana Platform.

  2. At the top of the page, click Global View.

  3. In the left panel, click Governance and select Alert Response.

  4. Navigate to Alert Response > Custom Policy > New Policy.

  5. Upload your YAML file and click Save.

Upload through the API Call

Use this method for scripted or automated policy creation. A shell script is provided below that handles authentication and policy upload.

Create a Shellscript createPolicy.sh file with the following code:

#!/bin/bash

# Predefined inputs
base_url=""
client_id=""
client_secret=""

# Function to display usage
usage() {
    echo "Usage: $0 <yaml_file>"
    exit 1
}

# Check if the correct number of arguments is passed
if [ $# -lt 1 ]; then
    usage
fi

# Script inputs
yaml_file=$1

# Authorization API URL
auth_url="$base_url/authorization/oauth/token"

# Alert Policy API URL
policy_api_url="$base_url/api/ipm/alerts/policies"

# Function to generate token
generate_token() {
    echo "Generating access token..."
    response=$(curl -s -X POST "$auth_url" \
        -d "client_id=$client_id" \
        -d "client_secret=$client_secret" \
        -d "grant_type=client_credentials")

    access_token=$(echo "$response" | jq -r '.access_token')

    if [ -z "$access_token" ] || [ "$access_token" == "null" ]; then
        echo "Failed to obtain access token: $response"
        exit 1
    fi

    echo "Access token obtained successfully."
}

# Function to create alert policy
create_alert_policy() {
    echo "Reading YAML content..."
    if [ ! -f "$yaml_file" ]; then
        echo "Error: YAML file '$yaml_file' not found."
        exit 1
    fi

    yaml_content=$(cat "$yaml_file")

    echo "Creating alert policy..."
    response=$(curl -v -sS -o response_body.txt -w "%{http_code}" -X POST "$policy_api_url" \
        -H "Authorization: Bearer $access_token" \
        -H "Content-Type: application/x-yaml" \
        --data-raw "$yaml_content")

    http_status="$response"
    response_body=$(cat response_body.txt)

    echo "HTTP Status Code: $http_status"
    echo "Response Body: $response_body"

    rm -f response_body.txt
}

# Main script execution
generate_token
create_alert_policy

The following table describes each field in the configuration file.

Table 128.

Commands

Description

base_url=""

client_id=""

client_secret=""

Predefined inputs.

usage() { echo "Usage: $0 <yaml_file>" exit 1 }

Function to display usage.

if [ $# -lt 1 ]; then usage fi

Check if the correct number of arguments is passed.

yaml_file=$1

Script inputs.

auth_url="$base_url/authorization/oauth/token"

Authorization API URL.

policy_api_url="$base_url/api/ipm/alerts/policies"

Alert Policy API URL.

generate_token() { echo "Generating.....}

Function to generate a token.

create_alert_policy() { echo "Reading YAML.....}

Function to create an alert policy.

generate_token

create_alert_policy

Main script execution.



Before running the script, set the following values inside it:

Table 129.

Variables

Description

base_url

Your Virtana Global View URL, for example, https://app.cloud.virtana.com.

client_id

OAuth client ID for API authentication.

client_secret

OAuth client secret for API authentication.



To generate client_id and client_secret from the Virtana Platform UI, navigate to Settings > Integrations > Virtana Platform API > Generate OAuth Client Credentials.

Run the following command to upload the policy:

bash createPolicy.sh <yaml_file_name>

Important

This script can only be used to create a new alert policy. Updating existing policies is not supported.