Monitor YAML structure

title (required)

Human-readable name of the monitor. Shown in the Monitor List.

string

display

Display settings controlling how issues from this monitor are rendered. See Display.

object

severity

Severity reported on firing issues.

S1, S2, S3, S4

measurementType

Controls how issues are visualized. state renders as a line chart; event renders as a bar chart counting events.

state, event

model (required)

Queries, reducers, and thresholds that define what the monitor evaluates. See Model.

object

labels

Static or templated labels attached to the issue. Values can reference query results via {{ $values.<threshold_name>.Labels.<key> }}.

map<string,string>

annotations

Annotations attached to the alert, often used to wire monitors into workflows.

map<string,string>

category

Free-form category used for grouping in the Monitor List.

string

executionErrorState

State when query execution fails. OK suppresses; Error raises an error state; Alerting fires an issue.

OK, Error, Alerting

noDataState

State when the query returns no rows. OK stays normal; NoData enters a No Data state; Alerting fires.

OK, NoData, Alerting

evaluationInterval

Evaluation cadence and pending window. See EvaluationInterval.

object

notificationSettings

How alerts are delivered. See NotificationSettings.

object

isPaused

When true, the monitor is defined but not evaluated.

boolean

header

Template for the issue header. Supports alert label substitution, e.g. "gRPC API Error {{ labels.status_code }}".

description

Template for the issue description. Supports the same substitutions as header.

resourceHeaderLabels

List of labels identifying the resource the issue relates to. Rendered as the secondary header across Issues tables. Example: ["span_name", "role"].

contextHeaderLabels

List of labels identifying the location of the issue. Rendered as a subset of the issue's labels. Example: ["cluster", "namespace", "workload"].

templateLanguage

Template engine for header and description. Set to jinja2 to opt into Jinja2 syntax (enablesblocks and filters). Omit for the default Go-template syntax.

queries (required)

One or more queries that produce the data the monitor evaluates. See model.queries.

reducers

Aggregations applied on top of queries before thresholds run. See model.reducers.

thresholds

Conditions evaluated against a query or reducer output. See model.thresholds.

name (required)

Identifier used by reducers and thresholds to reference this query's output.

dataType

Data source to query. One of logs, traces, events, rum, entities, issues, metrics, infra.

expression

The query itself. The language depends on dataType:

• gcQL for logs, traces, events, rum, entities, issues. See the gcQL Reference.

• MetricsQL for metrics and infra. MetricsQL is VictoriaMetrics' query language and is backwards-compatible with PromQL, with extra functions (topk_last, rollup_rate, etc.). It does not use the pipe (|) operator; combine operations with nested functions or arithmetic.

datasourceType

Required for MetricsQL queries. Set to prometheus (the name refers to the Prometheus-compatible API served by the metrics backend).

queryType

For MetricsQL queries, use instant.

filters

Optional standalone gcQL filter expression, used alongside sqlPipeline. For modern monitors, filters belong directly inside expression.

relativeTimerange

Time window relative to evaluation time. Object with from and optional to durations (e.g. from: 5m).

instantRollup

Bucket size for gcQL queries (logs/traces/events/rum/entities/issues), e.g. 1 minutes, 5 minutes. Controls the time granularity the monitor evaluates over.

rollup

Server-side rollup for MetricsQL queries (metrics/infra). Object with function (avg, max, min, sum, count, stddev, stdvar, last) and time (duration).

sqlPipeline

Legacy. Structured SQL pipeline object. Still accepted for backwards compatibility but new monitors should use expression with gcQL.

name (required)

Identifier used by thresholds.

inputName

Name of the query (or another reducer) to read from. Required unless type: math.

type (required)

One of last, min, max, mean, sum, count, math.

expression

Required when type: math. An arithmetic expression over reducer outputs, e.g. $errors / $total * 100.

relativeTimerange

Optional time window specific to this reducer.

name (required)

Identifier for this threshold.

inputName (required)

Name of the query or reducer this threshold evaluates.

operator (required)

One of gt, lt, gte, lte, eq, neq, within_range, outside_range, within_range_included, outside_range_included.

values (required)

Array of numbers. One value for comparison operators; two values for within_range / outside_range and their inclusive variants.

relativeTimerange

Optional time window specific to this threshold.

interval

How often the monitor is evaluated, e.g. 1m, 5m.

pendingFor

Duration the threshold must hold before the issue transitions from Pending to Alerting. Use 0s to fire immediately.

method

How notifications are delivered. notificationRoutes uses the matching routes defined in Notification Routes; connectedApps sends directly to the apps listed in connectedApps, bypassing routes; noNotifications suppresses all notifications for this monitor.

connectedApps

List of connected app IDs. Used with method: connectedApps.

renotificationInterval

Duration between repeat notifications while the issue remains firing, e.g. 4h.

disableRenotification

When true, suppresses repeat notifications.

statusFilters

List of issue statuses that trigger notifications. Used with method: connectedApps.