Guides
HomeChangelogStatus PageAPI ExplorerAPI ReferenceCLI ReferenceBlogRequest a Demo

Interacting with Alerts

Suggest Edits

Discover and troubleshoot anomalous events happening in the data assets within your data ecosystem from the Alerts pages in Monte Carlo.

📘

Incidents to Alerts

On June 4, 2024, Incidents were renamed to Alerts in Monte Carlo. You can read more about this change on Introducing: Alerts.


Exploring the Alerts Feed

On Alerts, you see a feed of all alerts, past and ongoing. Filters on the left allow you to filter the alerts by:

  • Status
  • Alert Type
  • Owner
  • Table
  • Dataset
  • Tag
  • Severity

Each row in this table is a summary of the alert with a few, quick-access alert management tools that allow you to:

  • Assign an owner to the alert
  • Classify severity
  • Manage status

Each row can be expanded to see the details of an alert.

Alerts feed with filters applied and one alert expanded

Alerts feed with filters applied and one alert expanded

For information on the various types of alerts found in the Alert feed, refer to the Intro to monitors section.

Select multiple alerts by checking the box at the start of each row. This allows you to assign owner, severity, and status to multiple alerts at the same time.

Alerts feed with multiple alerts selected

Alerts feed with multiple alerts selected

Using Alert IQ

The Alert IQ page is accessible from the Alert feed by clicking the alert title.

Upon click, you are taken to the Summary page in the Alert IQ.

Alert IQ Page

Alert IQ Page

On the left-hand side, there is a alert timeline that shows the list of alert tables and their anomalous events. Alerts are grouped together if they are potentially relevant, so you can see the full impact of an alert.

Alert Grouping

Alerts from different tables are grouped:

  • If they are in the same schema and occurred in a 5-hour window
  • If they connected by lineage and occurred in a 5-hour window, even if they are across different schemas
  • If you opted into grouping repetitive dbt model errors into the same alert
  • If you opted into grouping repetitive dbt test failures into the same alert

Note that operational alerts are only grouped with operational alerts, and data alerts are only grouped with data alerts. Grouped operational alerts include freshness anomalies, volume not updating, dbt and airflow failures. Grouped data alerts include volume changes and field anomalies.

Summary

The Summary menu is the landing page of Alert IQ and contains a quick high-level view of the alert details.

Alert Summary

Alert Summary

Here, the following information is provided:

  • Tables - a list of tables involved in the alert. Clicking on a table in this list will take you to the Catalog page for that table.
  • Notification Channels - a list of Notification Channels which were alerted to this alert. Clicking on a Slack Notification Channel will take you to that channel in your Slack instance.
  • Linked Issues - Jira or ServiceNow tickets created for the alert.
  • Downstream Reports - list of potentially impacted downstream BI reports and their users.
Potentially Impacted Reports

Potentially Impacted Reports

Alert Management

From Alert IQ, there are several features available to aid in alert management.

Note that each of these features is also accessible from the alert feed.

Owner & Severity

Assign an owner to make clear who is responsible for investigating the alert, and a severity to classify the alert.

Assigning Severity

Assigning Severity

Status

Update the status of an alert to track progress of the alert. Updating status is also helpful for analytics and reporting and can aid in defining/meeting SLA's.

Status Update

Status Update

Comments & Activity Log

Add comments to the alert to track notes and findings. Any severity, status, or owner updates are logged here as well.

Add comments on the alert

Add comments on the alert

Alert feedback

Provide feedback about the alert to help Monte Carlo better serve you.

Share feedback on alerts

Share feedback on alerts

Clicking on either of the feedback options helps in two different ways -

  • Feedback is funneled directly to the Monte Carlo Product & Engineering teams who use it to improve the product.
  • If you choose to do so, the machine learning models working in your environment will be tuned accordingly. For example, clicking the positive feedback icon presents the following menu:

There are other ways you can tune the ML models in your environment. For more information, please refer to the following sections:

Alert Chart

Under each event from the alert timeline is a graph that provides visual insight into why the alert was raised.

Graph on Summary menu of Alert IQ

Chart on an anomaly where the table is not changing in size

In this example, the alert originated from an automated (out of the box) monitor which tracks patterns in Volume change -

  • The blue line on the graph represents the change in Volume over the previous week.
  • The section highlighted in red indicates a deviation from the normal pattern.

In this case, the deviation is a halt in Volume changes. In other words, the table has not changed in size as expected based on historical trends.

Frequently Asked Questions

We see flags on some of our alerts that reference correlation or query insights, what is this?

Correlation and query insights represent automated findings that Monte Carlo produced to facilitate the discovery of the root cause of a particular data alert. Click here to learn more about this great feature.

The dbt menu item was not mentioned here, what is that?

If you have a dbt integration set up, you can access information about the dbt model related to the affected table within the dbt menu. Click here to learn more about our dbt integration.

Updated 5 months ago