The Triggered alerts page offers an updated list of notifications of recently triggered alerts, as long as they were not suppressed.

You can think of it as a live dashboard summary of all the triggered alert notifications sent. So that even if you’re not on the recipients list, you can still know which events occurred.

Triggered alerts

To view the Triggered alerts page, select Logs > Triggered alerts from the top menu.

  • To view the raw logs for a particular event, click the button View in OpenSearch Dashboards.

    You’ll be taken to OpenSearch Dashboards, with the logs filtered to return the exact logs that caused the alert to trigger. Using OpenSearch Dashboards, you can explore your logs and get a better idea of the conditions that led to the triggered alert.

    This is the same link that appears in the alert notification.

View the latest triggered alert events, regardless of suppression

You can easily view the event logs written by the alert over the last 36 hours, regardless of notification suppression.

  • Open the Logs > Alerts page from the navigation menu.
  • Hover over an alert and click its Menu button .
  • Select View last events.

View last events option to quickly review triggered alerts regardless of notification suppression

You’ll be taken to the OpenSearch Dashboards view, filtered by the alert ID for the last 36 hours. You can easily adjust the time picker to filter for another time frame.

Each log document represents an event, when the alert’s query and triggering conditions were met. Click the Investigate button on a select event to drill down on the raw logs that caused the alert to trigger.