Alert notification policies
Alert notification policies let you configure automated notifications for alerts that the Virtana Platform generates. Using these policies to route alert information to communication channels.
Action policies are custom YAML-based configurations that define which alerts trigger notifications and where those notifications are sent, such as Slack, Mattermost, or email. Each policy specifies filtering criteria to match specific alerts and one or more actions to execute when a match is found.
Create a notification Policy YAML file
To set up notifications, you create a YAML file that defines the policy's name, filtering criteria, and the action to perform, such as sending a Slack or Mattermost message. The following sections provide ready-to-use templates for each supported channel.
Notification Policy YAML for Slack
The slack-policy.yaml template configures a policy that sends formatted alert notifications to a Slack channel through the incoming webhook.
name: "slack_action_policy"
description: "Slack notification action policy for event provider: OpsCruise"
criteria: "event_provider: OpsCruise AND -status: Closed AND -summary: (RCA OR SLO OR shell OR job OR Readiness OR Liveness OR \"is not ready\") AND substatus: (New OR AutoResolved OR Closing) AND -subtype: ML AND priority: (Medium OR High) AND -entity_type: appObject"
category: "alert_response"
precedence: 1
actions:
- type: "action"
criteria: "true"
action_type: "slack"
action_name: "Slack_Notification"
parameters:
webhook_url: "<WEBHOOK_URL>"
message: "{\"channel\": \"<SLACK_CHANNEL>\",\"text\": \"Virtana Alert Notification\",\"blocks\": [{\"type\": \"rich_text\",\"elements\": [{\"type\": \"rich_text_quote\",\"elements\": [{\"type\": \"text\",\"text\": \"Event Provider: \",\"style\": {\"bold\": true}},{\"type\": \"text\",\"text\": \"$alert.event_provider\\n\"},{\"type\": \"text\",\"text\": \"Ticket ID: \",\"style\": {\"bold\": true}},{\"type\": \"text\",\"text\": \"$alert.key\\n\"},{\"type\": \"text\",\"text\": \"Creation Time: \",\"style\": {\"bold\": true}},{\"type\": \"text\",\"text\": \"$alert.created_on\\n\"},{\"type\": \"text\",\"text\": \"North Details:\\n\",\"style\": {\"bold\": true}},{\"type\": \"text\",\"text\": \" Tenant: \",\"style\": {\"bold\": true}},{\"type\": \"text\",\"text\": \"$alert.orgName\\n\"},{\"type\": \"text\",\"text\": \" Cluster: \",\"style\": {\"bold\": true}},{\"type\": \"text\",\"text\": \"$alert.cluster_id\\n\"},{\"type\": \"text\",\"text\": \"South Details:\\n\",\"style\": {\"bold\": true}},{\"type\": \"text\",\"text\": \" Namespace: \",\"style\": {\"bold\": true}},{\"type\": \"text\",\"text\": \"$alert.related_entities.namespace\\n\"},{\"type\": \"text\",\"text\": \" Entity: \",\"style\": {\"bold\": true}},{\"type\": \"text\",\"text\": \"$alert.entity_name\\n\"},{\"type\": \"text\",\"text\": \" Entity Type: \",\"style\": {\"bold\": true}},{\"type\": \"text\",\"text\": \"$alert.entity_type\\n\"},{\"type\": \"text\",\"text\": \" Last Activity: \",\"style\": {\"bold\": true}},{\"type\": \"text\",\"text\": \"$activity.summary\\n\"},{\"type\": \"text\",\"text\": \"Status: \",\"style\": {\"bold\": true}},{\"type\": \"text\",\"text\": \"$alert.status ($alert.substatus)\\n\"}]}]},{\"type\": \"section\",\"text\": {\"type\": \"mrkdwn\",\"text\": \"*Summary*: $alert.summary\"}},{\"type\": \"context\",\"elements\": [{\"type\": \"image\",\"image_url\": \"https://static.thenounproject.com/png/2456640-200.png\",\"alt_text\": \"notifications warning icon\"},{\"type\": \"mrkdwn\",\"text\": \"*Priority: $alert.priority*\"}]},{\"type\": \"actions\",\"elements\": [{\"type\": \"button\",\"text\": {\"type\": \"plain_text\",\"text\": \"More Information\"},\"style\": \"primary\",\"url\": \"https://<GLOBALVIEW_HOSTNAME>/ui/ipm/alerts/$alert.key?orgId=$alert.tenant_id\"}]},{\"type\": \"divider\"}]}{...}" The following table describes each field in the configuration file.
Field | Description | Default value |
|---|---|---|
| A unique identifier for the policy. |
|
| A human-readable summary of what the policy does and which event provider it targets. |
|
| A filter expression that determines which alerts trigger this policy. |
|
| The policy category. |
|
| An integer that sets the evaluation order when multiple policies exist. |
|
| A list of actions to execute when the criteria match. | |
| The action entry type. |
|
| A secondary filter is applied within the action. |
|
| The notification channel type. |
|
| A descriptive label for this action. |
|
| The incoming webhook URL for your Slack workspace. |
|
| The notification payload in Slack Block Kit JSON format. |
Copy the full YAML template, then replace <GLOBALVIEW_HOSTNAME>, <SLACK_CHANNEL>, and <WEBHOOK_URL> with your actual values before saving.
Notification policy YAML for Mattermost
The mattermost-policy.yaml template configures a policy that sends Markdown-formatted alert notifications to a Mattermost channel via a webhook.
name: "mattermost_action_policy"
description: "Mattermost notification action policy for event provider: OpsCruise"
criteria: "event_provider: OpsCruise AND -status: Closed AND -summary: (RCA OR SLO OR shell OR job OR Readiness OR Liveness OR \"is not ready\") AND substatus: (New OR AutoResolved OR Closing) AND -subtype: ML AND priority: (Medium OR High) AND -entity_type: appObject"
category: "alert_response"
precedence: 1
actions:
- type: "action"
criteria: "true"
action_type: "mattermost"
action_name: "Mattermost_Notification"
parameters:
webhook_url: "<WEBHOOK_URL>"
message: "###### Summary:\t\t\t[$alert.summary](https://<GLOBALVIEW_HOSTNAME>/ui/ipm/alerts/$alert.key?orgId=$alert.tenant_id)\n**Description:**\t\t $alert.description\n**Creation Time:**\t$alert.created_on\n**Tenant Name:**\t $alert.orgName\n**Cluster Name:**\t $alert.cluster_id\n**Namespace:**\t\t$alert.related_entities.namespace\n**Entity:**\t\t\t\t $alert.entity_name\n**Entity Type:**\t\t $alert.entity_type\n**Status:**\t\t\t\t $alert.status ($alert.substatus)\n**Severity:**\t\t\t ***$alert.priority***"Copy the full YAML template, then replace <GLOBALVIEW_HOSTNAME> and <WEBHOOK_URL> with your actual values before saving.
Sample alert filtering criteria
The criteria field uses a query syntax to filter which alerts trigger the policy. Below are individual filter expressions you can combine to build your own criteria.
event_provider: OpsCruise cluster_id: staging summary: Memory -summary: RCA -summary: \"is not ready\" -summary: shell -summary: job -summary: Readiness -summary: Liveness -summary: \"SLO\" -status: Closed substatus: (New OR AutoResolved OR Closing) priority: High -subtype: ML related_entities.namespace: opscruise
The following table describes each field in the configuration file.
Field | Description |
|---|---|
| Match alerts from the OpsCruise event provider. |
| Match alerts from the "staging" cluster. |
| Match alerts whose summary contains "Memory". |
| Exclude alerts with "RCA" in the summary. |
| Exclude alerts containing the phrase "is not ready". |
| Exclude alerts containing the phrase "is not ready". |
| Match alerts with any of these sub-statuses. |
| Match only high-priority alerts. |
| Exclude machine-learning-generated alerts. |
| Match alerts in the "opscruise" namespace. |
Uploading the Notification Policy to the Virtana Platform (Global View)
Once your YAML file is ready, you can upload it to the Virtana Platform using either the web UI or an API call.
Upload to the Global View
Use this method for a quick, manual upload through the browser.
Perform the steps:
Log in to the Virtana Platform.
At the top of the page, click Global View.
In the left panel, click Governance and select Alert Response.
Navigate to Alert Response > Custom Policy > New Policy.
Upload your YAML file and click Save.
Upload through the API Call
Use this method for scripted or automated policy creation. A shell script is provided below that handles authentication and policy upload.
Create a Shellscript createPolicy.sh file with the following code:
#!/bin/bash
# Predefined inputs
base_url=""
client_id=""
client_secret=""
# Function to display usage
usage() {
echo "Usage: $0 <yaml_file>"
exit 1
}
# Check if the correct number of arguments is passed
if [ $# -lt 1 ]; then
usage
fi
# Script inputs
yaml_file=$1
# Authorization API URL
auth_url="$base_url/authorization/oauth/token"
# Alert Policy API URL
policy_api_url="$base_url/api/ipm/alerts/policies"
# Function to generate token
generate_token() {
echo "Generating access token..."
response=$(curl -s -X POST "$auth_url" \
-d "client_id=$client_id" \
-d "client_secret=$client_secret" \
-d "grant_type=client_credentials")
access_token=$(echo "$response" | jq -r '.access_token')
if [ -z "$access_token" ] || [ "$access_token" == "null" ]; then
echo "Failed to obtain access token: $response"
exit 1
fi
echo "Access token obtained successfully."
}
# Function to create alert policy
create_alert_policy() {
echo "Reading YAML content..."
if [ ! -f "$yaml_file" ]; then
echo "Error: YAML file '$yaml_file' not found."
exit 1
fi
yaml_content=$(cat "$yaml_file")
echo "Creating alert policy..."
response=$(curl -v -sS -o response_body.txt -w "%{http_code}" -X POST "$policy_api_url" \
-H "Authorization: Bearer $access_token" \
-H "Content-Type: application/x-yaml" \
--data-raw "$yaml_content")
http_status="$response"
response_body=$(cat response_body.txt)
echo "HTTP Status Code: $http_status"
echo "Response Body: $response_body"
rm -f response_body.txt
}
# Main script execution
generate_token
create_alert_policyThe following table describes each field in the configuration file.
Commands | Description |
|---|---|
| Predefined inputs. |
| Function to display usage. |
| Check if the correct number of arguments is passed. |
| Script inputs. |
| Authorization API URL. |
| Alert Policy API URL. |
| Function to generate a token. |
| Function to create an alert policy. |
| Main script execution. |
Before running the script, set the following values inside it:
Variables | Description |
|---|---|
base_url | Your Virtana Global View URL, for example, |
client_id | OAuth client ID for API authentication. |
client_secret | OAuth client secret for API authentication. |
To generate client_id and client_secret from the Virtana Platform UI, navigate to Settings > Integrations > Virtana Platform API > Generate OAuth Client Credentials.
Run the following command to upload the policy:
bash createPolicy.sh <yaml_file_name>
Important
This script can only be used to create a new alert policy. Updating existing policies is not supported.