Alerts

Alerts are created using event definitions that consist of conditions. When a given condition is met, it will be stored as an event and can be used to trigger a notification. If your system has an Operations license, then events may be combined to create correlations.

Graylog ships with default alert conditions and alert notifications, and both can be extended with plugins.

Notifications

Notifications are messages that are set up by the user to inform about an event. They can be created via the Create Notification button on the Notifications page under Alerts or can be defined in the event workflow. More details about notifications, including all default notification types, are described in the Notifications documentation.