alertmanager.yml
# Alertmanager Configuration for SovereignCore
# Handles alert routing and notifications
global:
  # Alerts that carry no end time are treated as resolved once this long
  # has passed without an update.
  resolve_timeout: 5m

  # Outgoing mail for email receivers (submission port 587).
  smtp_smarthost: 'smtp.gmail.com:587'
  smtp_from: 'alerts@sovereigncore.com'
  smtp_auth_username: 'alerts@sovereigncore.com'
  # Placeholder value. A real password written here lands in version
  # control and in every copy of this file. Alertmanager releases that
  # support `smtp_auth_password_file` can read it from a file with
  # restricted permissions instead (check the deployed version).
  smtp_auth_password: 'your-email-password-here'
  # Refuse to send mail if the server does not offer STARTTLS.
  smtp_require_tls: true
# Notification template files, loaded from this glob.
# Templates shape what is sent to external channels, so the directory
# should be writable only by the account that deploys Alertmanager.
templates:
  - '/etc/alertmanager/templates/*.tmpl'
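# Route tree for alerts
route:
  # Fallback receiver for alerts that match no child route
  receiver: 'default'

  # Alerts sharing these label values are batched into one notification
  group_by: ['alertname', 'severity', 'component']

  # Delay before the first notification for a new group
  group_wait: 10s

  # Delay before notifying about alerts added to an existing group
  group_interval: 10s

  # Delay before re-sending a notification that is still firing
  repeat_interval: 3h

  # Child routes are tried top to bottom, and evaluation stops at the
  # first match unless that route sets `continue: true`.
  # (`match` is the legacy matcher syntax; newer releases prefer
  # `matchers`.)
  routes:
    # Security component. Listed first and marked `continue` so that a
    # security alert with severity critical or warning is delivered to
    # the security team and then still falls through to the severity
    # routes below. When this route came last, the severity routes
    # consumed those alerts and the security team never saw them.
    - match:
        component: security
      receiver: 'security-team'
      repeat_interval: 1h
      continue: true

    # Critical alerts - immediate notification
    - match:
        severity: critical
      receiver: 'critical-alerts'
      group_wait: 0s
      repeat_interval: 1h

    # Warning alerts - less urgent
    - match:
        severity: warning
      receiver: 'warning-alerts'
      repeat_interval: 6h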
# Inhibition rules: mute target alerts while a matching source alert fires.
# Inhibited alerts produce no notification at all, so every rule here is a
# potential blind spot and should stay as narrow as possible.
inhibit_rules:
  # A firing critical alert mutes the warning with the same alertname
  # and component.
  - source_match:
      severity: 'critical'
    target_match:
      severity: 'warning'
    equal:
      - 'alertname'
      - 'component'

  # While APIDown fires, mute every alert that shares its component.
  # NOTE(review): the target regex matches any alertname and any
  # severity, so critical alerts for that component are muted too.
  # Alertmanager treats a label missing on both sides as equal: if
  # APIDown is ever emitted without a `component` label, this rule mutes
  # every alert that also lacks one. Confirm that the alerting rule
  # always sets `component`.
  - source_match:
      alertname: 'APIDown'
    target_match_re:
      alertname: '.*'
    equal:
      - 'component'
# Receivers: the notification targets referenced by the route tree.
# Webhook URLs and service keys are credentials: anyone holding them can
# post to the channel or open incidents. Alertmanager releases that
# support `api_url_file` / `service_key_file` can read them from files
# rather than from this config.
receivers:
  # Fallback receiver
  - name: 'default'
    email_configs:
      - to: 'admin@sovereigncore.com'
        headers:
          Subject: '[SovereignCore] {{ .GroupLabels.alertname }}'

  # Critical alerts: email to admin and on-call; chat and paging optional
  - name: 'critical-alerts'
    email_configs:
      - to: 'admin@sovereigncore.com,oncall@sovereigncore.com'
        headers:
          Subject: '[CRITICAL] SovereignCore Alert'
    # Slack webhook (uncomment and configure)
    # slack_configs:
    #   - api_url: 'https://hooks.slack.com/services/YOUR/WEBHOOK/URL'
    #     channel: '#alerts-critical'
    #     title: 'Critical Alert: {{ .GroupLabels.alertname }}'
    #     text: '{{ range .Alerts }}{{ .Annotations.description }}{{ end }}'
    # PagerDuty (uncomment and configure)
    # pagerduty_configs:
    #   - service_key: 'your-pagerduty-service-key'

  # Warning alerts
  - name: 'warning-alerts'
    email_configs:
      - to: 'admin@sovereigncore.com'
        headers:
          Subject: '[WARNING] SovereignCore Alert'
    # Slack webhook
    # slack_configs:
    #   - api_url: 'https://hooks.slack.com/services/YOUR/WEBHOOK/URL'
    #     channel: '#alerts-warning'

  # Security team alerts
  - name: 'security-team'
    email_configs:
      - to: 'security@sovereigncore.com'
        headers:
          Subject: '[SECURITY] SovereignCore Alert'