24/7 Log Monitoring Alerts

Monitor specific incoming log events and patterns, and receive real-time alerts on inactivity or system behavior changes.

Monitor systems for server performance issues, failed processes or configuration issues based on a string or pattern of log events. Monitor application availability 24/7.


Real-time Inactivity Alerting
Know about events that do not occur with Inactivity Alerting
Logentries Inactivity Alerting monitors incoming log events and patterns to ensure that your critical systems and applications are still running as expected, like a heartbeat. Logentries users know within seconds if application components suddenly fail, if credit cards are not being processed, or if website traffic halts unexpectedly. With Inactivity Alerting, users can create real-time notifications based on the absence of expected events or a shift in system behavior patterns, in order to identify and resolve the issue before it develops further.
Using Logentries Inactivity Alerting, you can:
Monitor specific incoming log events and patterns, and receive real-time alerts on inactivity or system behavior changes.
Monitor systems for server performance issues, failed processes or configuration issues based on a string or pattern of log events.
Monitor application availability 24/7.

Inactivity Alert

Inactivity Alerting can be used to notify you when a pattern or an entire log or group of logs becomes inactive for a given time period.

To use the Anomaly Detection capabilities within the Logentries platform, from the ‘Tags & Alerts’ flyout select Create Inactivity Alert.

Inactivity Alert Fields and Descriptions

Tag Name: The name used to identify the tag going forward.

Pattern: (Optional) The pattern that you would like to match in the Inactivity alert. The pattern may contain regular expressions or our search language, including advanced functions. As this pattern is optional, if this field is left blank, it will default to .* and alert on any entry within the log(s).

Timeframe: The amount of time that must elapse with no data appearing in the log before a notification is triggered (e.g., if set to 5 minutes and a log event occurs every 4 minutes, no alert will be fired).

Logs: The log(s) that you want this alert applied to.

Report: Sets a limit for the maximum number of alert notifications you can receive.

Notes: Inactivity alerting monitors each log individually. For example, if the alert is monitoring a specific event across two logs and the event occurs in the first log but not in the second log within the given timeframe, the alert will be triggered for the second log.

Once inactivity is detected and one alert is triggered, if that pattern or log remains inactive you will only get a single alert. Activity will need to resume to restart the monitoring.
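The behaviour described in the fields and notes above (a blank pattern defaulting to .*, each log tracked individually, a single alert per inactive period until activity resumes), modelled locally as an added Python example that is not Logentries code. The class and function names, the log names, the sample events and the one-minute check interval are constructed assumptions, and the Report limit is not modelled.

```python
import re

class InactivityMonitor:
    """Local model of the semantics described above (not Logentries code)."""

    def __init__(self, logs, timeframe, pattern="", start=0):
        self.regex = re.compile(pattern or ".*")   # blank pattern matches any entry
        self.timeframe = timeframe                  # seconds of silence before alerting
        self.last_seen = {log: start for log in logs}   # each log tracked on its own
        self.alerted = {log: False for log in logs}

    def observe(self, ts, log, message):
        """Record a matching entry; activity re-arms a log that already alerted."""
        if log in self.last_seen and self.regex.search(message):
            self.last_seen[log] = ts
            self.alerted[log] = False

    def check(self, now):
        """Return logs that just became inactive; one alert per inactive period."""
        fired = []
        for log, seen in self.last_seen.items():
            if not self.alerted[log] and now - seen >= self.timeframe:
                self.alerted[log] = True
                fired.append(log)
        return fired

def replay(monitor, events, end, tick=60):
    """Feed events in time order, checking every `tick` seconds up to `end`."""
    pending, alerts = sorted(events), []
    for now in range(0, end + 1, tick):
        while pending and pending[0][0] <= now:
            monitor.observe(*pending.pop(0))
        alerts += [(now, log) for log in monitor.check(now)]
    return alerts

# Constructed sample: web-1 logs a payment every 4 minutes; web-2 stops twice.
EVENTS = [(t, "web-1", "payment processed id=%d" % t) for t in range(0, 1801, 240)]
EVENTS += [(0, "web-2", "payment processed id=a"), (240, "web-2", "payment processed id=b"),
           (600, "web-2", "healthcheck ok"), (1200, "web-2", "payment processed id=c")]

if __name__ == "__main__":
    m = InactivityMonitor(["web-1", "web-2"], timeframe=300, pattern=r"payment processed")
    for when, log in replay(m, EVENTS, end=1800):
        print("t=%4ds inactivity alert: %s" % (when, log))
```

With the payment pattern, the healthcheck entry on web-2 does not count as activity; with a blank pattern it does, which re-arms the alert and changes when the next one fires.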

The remainder of the Inactivity Alert configuration process is similar to our basic Tags and Alerts. You can choose the type of notification sent (e.g. email, iPhone, Webhook etc.).