Alert rules
An alert rule is a set of evaluation criteria for when an alert rule should fire. An alert rule consists of:
- Queries that select the dataset to evaluate.
- An alert condition (the threshold) that the query must meet or exceed to trigger the alert instance.
- An interval that specifies the frequency of alert rule evaluation and a duration indicating how long the condition must be met to trigger the alert instance.
- Other customizable options, for example, setting what should happen in the absence of data, notification messages, and more.
Grafana supports two different alert rule types: Grafana-managed alert rules and data source-managed alert rules.
Grafana-managed alert rules
Grafana-managed alert rules are the most flexible alert rule type. They allow you to create alert rules that can act on data from any of the supported data sources, and use multiple data sources in a single alert rule.
![How Grafana-managed alerting works by default How Grafana-managed alerting works by default](/media/docs/alerting/grafana-managed-alerting-architecture.png)
- Alert rules are created within Grafana and query one or more data sources.
- Alert rules are evaluated by the Alert Rule Evaluation Engine from within Grafana.
- Firing and resolved alert instances are forwarded to handle their notifications.
Supported data sources
Grafana-managed alert rules can query backend data sources if Grafana Alerting is enabled by specifying {"backend": true, "alerting": true}
in the plugin.json
file.
Find the public data sources supporting Alerting in the Grafana Plugins directory.
Data source-managed alert rules
Data source-managed alert rules can only query Prometheus-based data sources, such as Prometheus, Grafana Mimir, or Grafana Loki.
Alert rules are stored within the data source. In this distributed architecture, the separation of components can provide high-availability and fault tolerance, enabling the scaling of your alerting setup.
![Mimir-managed alerting architecture Mimir-managed alerting architecture](/media/docs/alerting/mimir-managed-alerting-architecture-v2.png)
- Alert rules are created and stored within the data source itself.
- Alert rules can only query Prometheus-based data.
- Alert rules are evaluated by the Alert Rule Evaluation Engine.
- Firing and resolved alert instances are forwarded to handle their notifications.
Comparison between alert rule types
We recommend using Grafana-managed alert rules whenever possible, and opting for data source-managed alert rules when you need to scale your alerting setup.
The table below compares Grafana-managed and data source-managed alert rules.
Recording rules
Similar to alert rules, recording rules are evaluated periodically. A recording rule pre-computes frequently used or computationally expensive queries, and saves the results as a new time series metric.
The new recording metric can then be used in alert rules and dashboards to optimize their queries.
For more details, refer to Create recording rules.