Skip to main content
Sumo Logic

Terminology

This document provides definitions for technical terms used in Monitors.

Term Definition
Detection Method Static/Dynamic/Anomaly/Outlier
Disable The monitor is in a disabled state when monitors are not processed by the backend, only their definition is persisted in the database.
Incident When a specific alerting condition is met, as defined on the monitor, an incident is triggered.
Monitor The monitor is the object that you configure within Sumo Logic that:

Checks for specific events of interest against a data source, based on your specified conditions. Events of interest are used in a general sense to denote an event that may be of interest to you.

Notifies you about the event-of-interest based on your preferences.
Monitor Type The underlying data stream, either logs or metrics, on which the monitor is created.
Mute When a monitor is in a mute state it continues to process your data stream as expected where Incidents are still generated. However, notifications are snoozed based on your mute condition.
Resolve The process of closing an incident.
Status The state of the monitor can be one of the following, Normal, Critical, Warning, or Missing Data.
Template The section that describes the actual connection attributes.
Threshold The static condition which when met an incident is triggered by a monitor.
Trigger (state) The state when an alert condition has been met, and an incident has been created as a result.
Trigger Type Type of Alert/Trigger condition defined Critical/Warning/Missing Data.
Alert Variables Custom variables used inside the Action Payload.