Alerts/Anomaly Detection

About alerts

Moesif will monitor your API to detect anomalies using both your current and historical data to notify you if something is wrong.

To set up alerts, login to your Moesif account -> Settings -> Alert Settings

Alerts settings are specific to the org/app regardless of who is signed in from your team.

If you have multiple orgs or apps like a Development and a Production app, each can have their own alert settings.

There are two parts to alerts Alert Channels and Alert Rules

Alert Channels

A channel is the medium you would like the alert to be sent to. At the moment, Moesif supports Slack, SMS, and Email as a channel. You can add many channels even for the same alert (i.e. you can send both a SMS and a Slack notification for the same alert).

Alert Rules

API Alert Rules specify what you get notified on, when you get notified, and how often. Think of alert rules as a router or handler for new incoming alerts to outgoing channels. Every organization already has a default alert rule called[Default] which cannot be deleted. The default rule is the fallback rule if the URI Route of an error alert doesn’t match any user defined alert rules.

Alert Rules

Alert rules are specific to a route like POST /payout/:id enabling handling of separate services differently. You can find a list of autodetected URI routes by going to API Search and selecting the URI Route filter.

The route field supports regex, so you can enter /api/.* as an alert rule’s route. You can also specify multiple channels for the same alert rule (i.e. to notify multiple teammates) or if you want both email and Slack notifications.

Adding an alert rule

There are a few settings available when creating a new alert rule:

Core Settings

Field Description Example
Route The route is the path part of the HTTP request’s URL starting with / to match against. Do not include the host or query string parts. The route can take in a regex expression such as /api/.* /users/.*
Verb The verb of the HTTP request to match against POST
Tracking Metrics The rule will be triggered when anomalies are detected on these metrics count(distinct(errors))
Channels List of channels to send the alerts to Slack, Email
Minimal Interval Between Alerts While Moesif tries to minimize alert fatigue, you can control this further by specifying the min interval between alerts. If set to 15 mins, then if an alert was sent at 2:45PM, Moesif won’t send a second alert for this same rule until 3:00PM at the earliest. 15 minutes

Maintenance Window

Maintenance window can be defined which is a quiet period where alerts will not be sent. For example, if you have a cron job that performs some maintenance that brings down a service from 5AM to 6AM UTC everyday, you can set this schedule to avoid receiving false alerts.

Field Description Example
Timezone The timezone to use for the start and end time UTC
Start Time The start time for maintenance window in 24 hour clock time 5:00
End Time The end time for maintenance window in 24 hour clock time 6:00

Adding a new API alert rule


I am not receiving any alerts

A: Moesif looks at both current and historical data when deciding to send alerts. If you deployed a new endpoint, there may not be enough historical data to make a decision. Give it a day running in production first. If you still are having issues, feel free to email us. Also, ensure you have an active channel under Alert Settings.

I am receiving too many alerts

A: If a particular endpoint like GET /probe is noisy, you can add an explicit alert rule with 24 hrs as the maintenance window (i.e. always quiet) or increase the alert interval.


Leave a Comment