Alerts

Alerts are created using Event Definitions that consist of Conditions. When a given condition is met it will be stored as an Event and can be used to trigger a notification. If your system has an Operations license, then Events may be combined to create Correlations.

Graylog ships with default alert conditions and alert notifications, and both can be extended with Plugins.

Notifications

Notifications are messages that are set up by the user to inform about an event. They can be created via the Notifications button or can be defined in the Event workflow.

Various default notification types are described on the Notifications page.