
Alerts

Alerts in Enclave allow you to monitor the uptime of your agents. This is extremely useful for detecting outages and tracking availability across your network. Alerts can also be enabled on conditions in Asset Management, such as when a CVE with an EPSS score of 50% or higher is detected.

How they work

Checks are the parameters used to detect whether an agent is up or down. We currently only support Deadman checks, which take a threshold for how much time should pass before an agent is considered down. Checks can be assigned directly to an agent or assigned using labels.

Notifiers are the alerts that are sent when a check is triggered. Different notifiers can be configured to send different types of alerts. Notifiers can either be global or assigned directly to a specific check. Notifiers can be configured to send an email, send a Slack alert, or send a custom webhook to a service of your choosing.

Example

Let's say we have a few labels in our network: Databases, Web Servers, and Backend Services. We want to alert when any of these services are down. However, we may want different alerts for each service. If a Database or Backend Service goes down, you want to send an email alert to your DevOps team. When a Web Server goes down, you want to notify your status page that the website is down. In this example we'll create two checks, one for the Databases and Backend Services and a second for the Web Servers. We'll then create two notifiers to send different alerts for each check.
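
The scenario above, modeled as an added Python sketch. This is a conceptual illustration, not Enclave's API or configuration format. Assumptions: the class and function names, the agent names, the thresholds, the notifier strings, the strict "silent for longer than the threshold" comparison, and global notifiers firing for every triggered check are all hypothetical.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone

@dataclass
class Agent:
    name: str
    labels: set
    last_seen: datetime  # time of the agent's last check-in

@dataclass
class Check:  # hypothetical model of a Deadman check
    name: str
    threshold: timedelta                          # silence allowed before "down"
    labels: set = field(default_factory=set)      # assignment by label
    agents: set = field(default_factory=set)      # direct assignment by agent name
    notifiers: list = field(default_factory=list)

    def applies_to(self, agent):
        return agent.name in self.agents or bool(self.labels & agent.labels)

def evaluate(checks, agents, global_notifiers, now):
    """Return (check, agent, notifier) for each agent silent longer than the threshold."""
    alerts = []
    for check in checks:
        for agent in agents:
            if check.applies_to(agent) and now - agent.last_seen > check.threshold:
                # Assumption: global notifiers fire in addition to check-specific ones.
                for notifier in check.notifiers + global_notifiers:
                    alerts.append((check.name, agent.name, notifier))
    return alerts

# Constructed sample data: fixed clock, four agents, two checks.
NOW = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)
AGENTS = [
    Agent("db-1", {"Databases"}, NOW - timedelta(minutes=12)),
    Agent("api-1", {"Backend Services"}, NOW - timedelta(seconds=30)),
    Agent("web-1", {"Web Servers"}, NOW - timedelta(minutes=3)),
    Agent("web-2", {"Web Servers"}, NOW - timedelta(seconds=10)),
]
CHECKS = [
    Check("data-and-backend", timedelta(minutes=5),
          labels={"Databases", "Backend Services"}, notifiers=["email:devops"]),
    Check("web", timedelta(minutes=2),
          labels={"Web Servers"}, notifiers=["webhook:status-page"]),
]

if __name__ == "__main__":
    for alert in evaluate(CHECKS, AGENTS, [], NOW):
        print(alert)
```

With this sample data, only db-1 and web-1 have been silent past their thresholds, so the email notifier fires for the database and the status-page webhook fires for the web server.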