
Version: 3.2.3.x

Trigger Alerts for Unusual API Activities

Abnormal traffic patterns or errors in API usage can indicate problems or malicious attacks. Setting up alerting helps quickly detect such unusual activities. By setting up alerts for certain thresholds and activities, you can gain insights into patterns that might indicate a security breach, abuse, or abnormal usage.

Prerequisite(s)

  1. Obtain a User Account with Super Admin or Runtime Admin Role.
  2. Complete Add Service from API Definition.
  3. Get the webhook of your notification system.

Add a Webhook Template

Each alert policy requires at least one webhook template for notifications. A webhook template defines the content and structure of data sent via webhook when an event occurs. Multiple policies can share the same webhook templates. Webhooks are a way for different applications or services to communicate with each other in real-time by sending HTTP requests to a predefined URL when certain events happen.

  1. Select Alerts > Templates, then click Add Template.
  2. Use Email-notice as template name, and your webhook URL as URL. In this tutorial, a webhook.site URL will be used as an example.
  3. Apply the following configuration to the Notification Template (the request body of the webhook). The Title, Severity and Detail fields come from the alert policy:

hello, here is an alert example.
Title: {{ .Title }}
AlertTime: {{ .AlertTime.Format "2006 Jan 02 15:04:05" }}
Severity: {{.Severity}}
Detail: {{.Detail}}

  4. Click Add.

Add an Alert Policy

An alert policy is a predefined set of conditions and rules that trigger specific actions or notifications when certain events or conditions occur. In this tutorial, you will set up an alert policy for gateway instance offline notification, one of the most critical failures. The policy will call a webhook to notify relevant parties if a gateway instance has gone offline within the last 10 minutes.

  1. Select Alerts > Policies, then click Add Policy.
  2. Use gateway-instance-offline as policy name.
  3. Click Add.
  4. On Trigger Conditions, click Update.
  5. Choose gateway instance offline as condition 1, then choose 10 minutes.
  6. Click Update.
  7. On Basics, click Update.
  8. Use API7 Gateway Instance Offline as Alert Title, and Please check the instance and recover immediately as Alert Detail. These two fields can be used in the notification template.
  9. Click Update.
  10. On Webhook Notifications, click Enable of the Email-notice template.

Validate

  1. Manually stop a gateway instance.
  2. Confirm that the following message is received through the webhook:

hello, here is an alert example.
Title: API7 Gateway Instance Offline
AlertTime: 2006 Jan 02 15:04:05
Severity: Medium
Detail: Please check the instance and recover immediately
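
To preview the Notification Template body before saving it, the following added example (not part of the API7 documentation) renders the same template locally with Go's text/template and then splits the result into fields the way a webhook receiver could. It assumes the template is evaluated with Go template semantics, which the `.AlertTime.Format` layout string suggests; the `Alert` type, the `Render` and `ParseBody` names and the sample alert values are constructed for illustration.

```go
package main

import (
	"bytes"
	"fmt"
	"strings"
	"text/template"
	"time"
)

// Alert is a hypothetical stand-in for the data passed to the template.
type Alert struct {
	Title, Severity, Detail string
	AlertTime               time.Time
}

// body is the Notification Template from this tutorial, unchanged.
const body = `hello, here is an alert example.
Title: {{ .Title }}
AlertTime: {{ .AlertTime.Format "2006 Jan 02 15:04:05" }}
Severity: {{.Severity}}
Detail: {{.Detail}}
`

// Render executes the template. "2006 Jan 02 15:04:05" is a Go time layout,
// so the real alert time replaces it. text/template does no escaping.
func Render(a Alert) (string, error) {
	t, err := template.New("alert").Parse(body)
	if err != nil {
		return "", err
	}
	var buf bytes.Buffer
	err = t.Execute(&buf, a)
	return buf.String(), err
}

// ParseBody splits the "Key: value" lines of a received body into a map.
func ParseBody(s string) map[string]string {
	fields := map[string]string{}
	for _, line := range strings.Split(s, "\n") {
		if k, v, ok := strings.Cut(line, ": "); ok {
			fields[k] = v
		}
	}
	return fields
}

func main() { // constructed sample alert, not real gateway output
	s, err := Render(Alert{Title: "API7 Gateway Instance Offline", Severity: "Medium",
		Detail: "Please check the instance and recover immediately",
		AlertTime: time.Date(2025, time.March, 4, 9, 30, 0, 0, time.UTC)})
	fmt.Println(s, err, ParseBody(s)["Severity"])
}
```

Because the values are inserted without escaping, a template that must produce JSON for the receiving system needs its own quoting in the template body.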

