Alert Rules: How to properly use labels vs annotations
rlbol...@gmail.com
I would like to get a better understanding of how to effective use labels and annotations for alerts.
As per the documentation on the alerts page, annotations are for "a set of informational labels that can be used to store longer additional information such as alert descriptions or runbook links."
Labels are described as being labels, but I don't see any discussion with regards to application/use beyond that.
For example, with a generalized alert named LowDiskSpace, is it better to describe things like originating region and cluster as labels, as annotations, or both?
groups:
- name: RabbitMQ_Alerts
rules:
- alert: LowDiskSpace
expr: <expression-goes-here>
for: 10m
labels:
region: {$region} ??
cluster: {$cluster} ??
severity: warn
annotations:
region: {$region} ??
cluster: {$cluster} ??
summary: Low Disk Space
description: Low disk space was detected on {{ $labels.name }}
Here are what I would imagine some queries might look like:
ALERTS{severity="warning"} // Get all alerts with severity of warning
ALERTS{region="asia-pacific", role="rabbitmq"} // Get all alerts in asia-pacific for rabbitmq roles
Are these conceptually correct? Where would annotations fit into this?
