Documentationbreadcrumb arrow Grafana Cloudbreadcrumb arrow Knowledge graphbreadcrumb arrow Configurebreadcrumb arrow Alerts
Grafana Cloud

Configure alerts

Grafana Cloud Knowledge Graph transforms alerts into structured insights that explain system behavior. These insights help you understand failures, configuration changes, resource saturation, anomalies, and error events across your environment.

This topic introduces how alert mapping works and how to configure alerts so they correctly populate the knowledge graph. Subsequent topics provide detailed guidance for failure alerts and amend alerts.

How alert mapping works

The knowledge graph analyzes alerts and metadata to determine:

  • Which entity the alert belongs to, such as service, deployment, node, instance, database, and so on
  • What insight category the alert represents
  • How the alert affects entity health, RCA workbench timelines, and change history

To enable this, custom alert rules must include specific asserts labels that the knowledge graph uses to ingest and interpret signals.

Insight categories

The knowledge graph classifies alerts into one of five categories:

CategoryMeaningWhen to Use
FailureThe system is in an incorrect or invalid state.Misconfiguration, missing replicas, incorrect leader, invalid resource state
SaturationA resource is reaching or exceeding capacity.CPU/memory pressure, DB connections near max
ErrorA fault or runtime error has occurred.Job failures, 5xx HTTP errors, crash loops
AnomalyThe system deviates from its normal behavior.Latency spikes, traffic anomalies
AmendA configuration or metadata change took place.Version bumps, scaling events, flag toggles

Categories determine whether an alert contributes to entity health (failure, saturation, error) or contextual timelines (amends).

Required labels for alert ingestion

All alerts mapped into the knowledge graph must include the following labels:

LabelPurpose
asserts_alert_categoryClassifies the alert into an insight category (failure, error, amend, saturation, anomaly)
asserts_entity_typeIdentifies the type of entity receiving the insight
asserts_severityIndicates the impact level (info, warning, critical)

Without these labels, the alert can’t be ingested into the knowledge graph.

LabelPurpose
asserts_envEnables accurate entity resolution across environments
asserts_siteIdentifies region or cluster alignment

Choose the correct type of custom alert

Alert category determines how the knowledge graph interprets a signal:

  • If the system is configured incorrectly, use failure alerts
  • If something in the environment changes configuration or metadata, use amend alerts
  • If the alert measures resource pressure, use saturation alerts
  • If the alert detects runtime faults, use error alerts
  • If the alert identifies abnormal behavior, use anomaly alerts

Failure and amend alerts are the most commonly authored types.

  • For more information about amend alerts, refer to Amend
  • For more information about failure alerts, refer to Failure
  • If you want to integrate existing Grafana Cloud alerts into the knowledge graph, refer to Existing alerts