Monitor rules and severities

A monitor often includes multiple severities and desired outcomes. Observe monitors can use the full power of Observe to conditionally filter data.

The actions that are taken from a monitor's detections are filtered by severity. This allows powerful multi-level routing to be configured.

Rules

A rule determines the severity of a match. Common ways to configure rules are:

  • Bands of severity based on the measured data
  • Override severity for specific customers or objects

There are four severities: Informational, Warning, Error, and Critical.

A rule must set a severity. Multiple rules may use the same severity.

Actions

When a rule matches, an alert is created which can be reviewed in Alert Explorer.

If no muting rules are in effect, the alert may trigger an action. See Mute a monitor.

Each action is filtered by severity. Common ways to configure actions are:

  • Send all alerts of any severity to S3 for compliance storage
  • Send Informational or Warning alerts to Slack only
  • Send Error or Critical alerts to Slack and PagerDuty

Multiple actions can match a single severity.
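The rule and action model described above, as an added Python sketch (not Observe's configuration syntax or API): severity bands on a measured value, a per-customer override, and severity-filtered actions. The field names `customer` and `error_rate`, the thresholds, the customer `acme`, the action names, and first-match-wins rule ordering are assumptions of this example.

```python
from dataclasses import dataclass
from typing import Callable

SEVERITIES = ("Informational", "Warning", "Error", "Critical")

@dataclass
class Rule:
    severity: str
    matches: Callable[[dict], bool]

    def __post_init__(self):
        # A rule must set one of the four severities.
        if self.severity not in SEVERITIES:
            raise ValueError(f"unknown severity: {self.severity!r}")

@dataclass
class Action:
    name: str
    severities: frozenset  # severities this action accepts

# Assumption: rules are checked in order and the first match wins,
# so the per-customer override sits ahead of the general bands.
RULES = [
    Rule("Critical", lambda r: r["customer"] == "acme" and r["error_rate"] >= 0.05),
    Rule("Critical", lambda r: r["error_rate"] >= 0.50),
    Rule("Error", lambda r: r["error_rate"] >= 0.20),
    Rule("Warning", lambda r: r["error_rate"] >= 0.05),
    Rule("Informational", lambda r: r["error_rate"] >= 0.01),
]

# Multi-level routing: several actions can accept the same severity.
ACTIONS = [
    Action("s3-compliance", frozenset(SEVERITIES)),
    Action("slack", frozenset(SEVERITIES)),
    Action("pagerduty", frozenset({"Error", "Critical"})),
]

def classify(row):
    """Return the severity of the first matching rule, or None if no rule matches."""
    return next((rule.severity for rule in RULES if rule.matches(row)), None)

def route(row, muted=False):
    """Return (severity, action names). A muted alert still exists but triggers nothing."""
    severity = classify(row)
    if severity is None or muted:
        return severity, []
    return severity, [a.name for a in ACTIONS if severity in a.severities]

if __name__ == "__main__":
    # Constructed sample rows, not real monitor data.
    for row in ({"customer": "acme", "error_rate": 0.06},
                {"customer": "globex", "error_rate": 0.06}):
        print(row, "->", route(row))
```

The same measured value lands in different severities for the two customers, which is what changes whether the paging action fires.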