About alerts

Moesif will monitor your API to detect anomalies using both your current and historical data to notify you if something is wrong.

To set up alerts, login to your Moesif account -> Settings -> Alert Settings

Alerts settings are specific to the org/app regardless of who is signed in from your team.

If you have multiple orgs or apps like a Development and a Production app, each can have their own alert settings.

There are two parts to alerts Alert Channels and Alert Rules

Alert Channels

A channel is the medium you would like the alert to be sent to. At the moment, Moesif supports Slack, SMS, and Email as a channel. You can add many channels even for the same alert (i.e. you can send both a SMS and a Slack notification for the same alert).

Alert Rules

API Alert Rules specify what you get notified on, when you get notified, and how often. Think of alert rules as a router or handler for new incoming alerts to outgoing channels. Every organization already has a default alert rule called[Default] which cannot be deleted. The default rule is the fallback rule if the URI Route of an error alert doesn’t match any user defined alert rules.

Alert Rules

Alert rules are specific to a route like POST /payout/:id enabling handling of separate services differently. You can find a list of autodetected URI routes by going to API Search and selecting the URI Route filter.

The route field supports regex, so you can enter /api/.* as an alert rule’s route. You can also specify multiple channels for the same alert rule (i.e. to notify multiple teammates) or if you want both email and Slack notifications.

Adding an alert rule

There are a few settings available when creating a new alert rule:

Core Settings

Field Description Example
Route The route is the path part of the HTTP request’s URL starting with / to match against. Do not include the host or query string parts. The route can take in a regex expression such as /api/.* /users/.*
Verb The verb of the HTTP request to match against POST
Tracking Metrics The rule will be triggered when anomalies are detected on these metrics count(distinct(errors))
Channels List of channels to send the alerts to Slack, Email
Minimal Interval Between Alerts While Moesif tries to minimize alert fatigue, you can control this further by specifying the min interval between alerts. If set to 15 mins, then if an alert was sent at 2:45PM, Moesif won’t send a second alert for this same rule until 3:00PM at the earliest. 15 minutes

Maintenance Window

Maintenance window can be defined which is a quiet period where alerts will not be sent. For example, if you have a cron job that performs some maintenance that brings down a service from 5AM to 6AM UTC everyday, you can set this schedule to avoid receiving false alerts.

Field Description Example
Timezone The timezone to use for the start and end time UTC
Start Time The start time for maintenance window in 24 hour clock time 5:00
End Time The end time for maintenance window in 24 hour clock time 6:00

Adding a new API alert rule

Anomaly Detection Sensitivity

If you feel that you’re receiving too few or too many false alerts, you can adjust the sensitivity. To avoid sending too many alerts, Moesif doesn’t use fixed rules like send alert when errors/min > 2%.

Instead, anomaly detection looks at historical data to learn what are acceptable error rates and only alert when there is a change. Because each application and environment is different Moesif still provides a way to change the detection sensitivities similar to modifying fixed rules.

Alert Rules

First, click the switch Adjust Anomaly Detection Sensitivity to bring up the sliders.

Moesif has slow, medium, and fast detectors. If you’re receiving too many false alerts, drag slider right. If you want to be notified of every minor issue, drag the slider right.

Detector Alert Name When to decrease sensitivity
Short duration spike detection SPIKE Your API receives a low volume of traffic so small fluctuations in error rates throws off the spike detector
Normal level change detection RISE/FALL  
Slow positive trend detection POSITIVE TREND Your API has seasonal patterns (such as an API only used during working hours which naturally has an increase in error rates at 9am)

Relevant Alerting

Each notification has a thumbs up and thumbs down rating. If the alert is uninteresting to you, you can downvote it. Moesif continuously adapts to send less alerts that are similar to the ones you downvote such as in the below Slack alert.

Alert Rules


I am not receiving any alerts

A: Moesif looks at both current and historical data when deciding to send alerts. If you deployed a new endpoint, there may not be enough historical data to make a decision. Give it a day running in production first. If you still are having issues, feel free to email us or adjust the detection sensitivity. Also, ensure you have an active channel under Alert Settings.

I am receiving too many alerts

A: If a particular endpoint like GET /probe is noisy and generates many false alerts, you can add an explicit alert rule with 24 hrs as the maintenance window (i.e. always quiet) or increase the alert interval which will silence the route completely. If you just want to reduce the amount of alerts, take a look at adjusting the detection sensitivity.