Set up comprehensive Netdata alerting with Slack and Microsoft Teams integration. Configure custom alert thresholds, webhook notifications, and automated monitoring responses for real-time system health alerts.
Prerequisites
- Root or sudo access
- Active Slack workspace
- Microsoft Teams channel access
- Internet connectivity for webhooks
What this solves
Netdata provides real-time system monitoring with powerful alerting capabilities, but the default email notifications aren't always sufficient for modern DevOps teams. This tutorial shows you how to integrate Netdata with Slack and Microsoft Teams to receive instant notifications about system performance issues, resource usage spikes, and service failures. You'll configure custom alert rules with specific thresholds and set up webhook-based notifications that reach your team wherever they work.
Step-by-step installation
Update system packages
Start by updating your package manager to ensure you get the latest versions of all dependencies.
sudo apt update && sudo apt upgrade -yInstall required dependencies
Install curl and other tools needed for webhook notifications and JSON processing.
sudo apt install -y curl jq wget gnupgInstall Netdata
Download and install Netdata using the official kickstart script with security features enabled.
bash <(curl -Ss https://my-netdata.io/kickstart.sh) --stable-channel --disable-telemetryVerify Netdata installation
Check that Netdata is running and accessible on the default port 19999.
sudo systemctl status netdata
ss -tlnp | grep 19999Create Slack webhook integration
Go to your Slack workspace and create an incoming webhook for your channel. Navigate to Apps > Incoming Webhooks > Add to Slack, select your channel, and copy the webhook URL.
Note: Keep your webhook URL secure. Anyone with access to it can send messages to your Slack channel.
Create Microsoft Teams webhook
In Microsoft Teams, go to your target channel, click the three dots menu, select Connectors, find "Incoming Webhook", and configure it. Copy the generated webhook URL for later use.
Configure Netdata health notifications
Create the health alarm configuration directory and set up the notification methods.
sudo mkdir -p /etc/netdata/health_alarm_notify.conf.d
sudo cp /usr/lib/netdata/conf.d/health_alarm_notify.conf /etc/netdata/health_alarm_notify.confConfigure Slack notifications
Edit the health notification configuration to enable Slack webhooks with your specific channel settings.
# Enable Slack notifications
SEND_SLACK="YES"
Slack webhook URL (replace with your actual webhook)
SLACK_WEBHOOK_URL="https://hooks.slack.com/services/YOUR/SLACK/WEBHOOK"
Default Slack channel
DEFAULT_RECIPIENT_SLACK="#monitoring"
Slack message format
SLACK_CHANNEL="monitoring"
SLACK_USERNAME="netdata"
SLACK_ICON_EMOJI=":warning:"
Role-based recipients for different alert types
role_recipients_slack[sysadmin]="#alerts"
role_recipients_slack[domainadmin]="#infrastructure"
role_recipients_slack[dba]="#database"Configure Microsoft Teams notifications
Add Microsoft Teams webhook configuration to the same notification file.
# Enable Microsoft Teams notifications
SEND_MSTEAMS="YES"
Microsoft Teams webhook URL (replace with your actual webhook)
MSTEAMS_WEBHOOK_URL="https://outlook.office.com/webhook/YOUR/TEAMS/WEBHOOK"
Default Teams channel
DEFAULT_RECIPIENT_MSTEAMS="General"
Teams notification settings
MSTEAMS_ICON_DEFAULT="https://registry.my-netdata.io/api/v1/badge.svg?chart=system.cpu"
MSTEAMS_COLOR_DEFAULT="0076D7"
Role-based Teams recipients
role_recipients_msteams[sysadmin]="Infrastructure Team"
role_recipients_msteams[domainadmin]="Operations Team"Create custom alert rules
Define specific monitoring thresholds for CPU, memory, disk usage, and network performance.
# High CPU usage alert
template: cpu_usage_high
on: system.cpu
calc: $user + $system + $softirq + $irq + $guest
units: %
every: 10s
warn: $this > 80
crit: $this > 95
delay: down 5m multiplier 1.5 max 1h
info: CPU utilization is high
to: sysadmin
Memory usage alert
template: ram_usage_high
on: system.ram
calc: ($used - $buffers - $cached) * 100 / $used
units: %
every: 10s
warn: $this > 80
crit: $this > 90
delay: down 5m multiplier 1.5 max 1h
info: RAM usage is high
to: sysadmin
Disk space alert
template: disk_space_usage
on: disk.space
calc: $used * 100 / ($avail + $used)
units: %
every: 1m
warn: $this > 80
crit: $this > 90
delay: up 1m down 15m multiplier 1.5 max 1h
info: Disk space usage is high
to: sysadmin
Network interface errors
template: network_interface_errors
on: net.errors
calc: $inbound + $outbound
units: errors/s
every: 10s
warn: $this > 5
crit: $this > 20
delay: up 1m down 5m multiplier 1.5 max 2h
info: Network interface errors detected
to: sysadminConfigure service monitoring alerts
Set up alerts for critical services like web servers, databases, and system services.
# Apache/Nginx status monitoring
template: web_service_requests
on: apache.requests
calc: $requests
units: requests/s
every: 10s
warn: $this > 1000
crit: $this > 2000
delay: up 2m down 5m multiplier 1.5 max 1h
info: High web server request rate
to: sysadmin
Database connection monitoring
template: mysql_connections
on: mysql.connections
calc: $connections
units: connections
every: 10s
warn: $this > 80
crit: $this > 95
delay: up 1m down 5m multiplier 1.5 max 1h
info: High MySQL connection usage
to: dba
System service status
template: systemd_service_failed
on: systemd.service_units
calc: $failed
units: units
every: 10s
crit: $this > 0
delay: up 30s down 5m multiplier 1.5 max 1h
info: Systemd service failure detected
to: sysadminSet correct file permissions
Ensure Netdata can read the configuration files with proper ownership and permissions.
sudo chown netdata:netdata /etc/netdata/health_alarm_notify.conf
sudo chown -R netdata:netdata /etc/netdata/health.d/
sudo chmod 640 /etc/netdata/health_alarm_notify.conf
sudo chmod 644 /etc/netdata/health.d/*.confNever use chmod 777. It gives every user on the system full access to your files. Instead, fix ownership with chown and use minimal permissions.
Restart Netdata service
Apply the new configuration by restarting the Netdata service.
sudo systemctl restart netdata
sudo systemctl status netdataTest notification delivery
Trigger a test alert to verify both Slack and Teams notifications are working properly.
# Generate high CPU load for testing
yes > /dev/null &
PID=$!
sleep 30
kill $PID
Check Netdata logs for notification attempts
sudo tail -f /var/log/netdata/error.log | grep -E "(slack|msteams|alarm)"Configure advanced alert customization
Create role-based alert routing
Configure different notification channels based on alert severity and system component.
# Critical system alerts go to all channels
template: system_critical_all
on: system.load
calc: $load1
units: load
every: 10s
crit: $this > (($system.cpu.cores) * 2)
delay: up 1m down 15m multiplier 1.5 max 1h
info: System load is critically high
to: sysadmin, domainadmin
Database alerts only to DBA team
template: database_performance
on: mysql.queries
calc: $select + $insert + $update + $delete
units: queries/s
every: 10s
warn: $this > 500
crit: $this > 1000
delay: up 2m down 10m multiplier 1.5 max 1h
info: High database query rate
to: dbaConfigure alert suppression and maintenance windows
Set up alert suppression during maintenance windows and prevent alert storms.
# Suppress alerts during maintenance (example: daily backup window)
template: maintenance_window_disk
on: disk.space
calc: $used * 100 / ($avail + $used)
units: %
every: 1m
warn: $this > 85
crit: $this > 95
delay: up 5m down 15m multiplier 1.5 max 1h
info: Disk space usage is high (maintenance window considered)
to: sysadmin
# Skip alerts between 2 AM and 4 AM (backup window)
options: no-clear-notification
Rate limiting for noisy alerts
template: network_drops_limited
on: net.drops
calc: $inbound + $outbound
units: drops/s
every: 30s
warn: $this > 10
crit: $this > 50
delay: up 5m down 30m multiplier 2.0 max 4h
info: Network packet drops detected (rate limited)
to: sysadminVerify your setup
# Check Netdata service status
sudo systemctl status netdata
Verify configuration syntax
sudo /usr/sbin/netdata -W set health enabled yes -W set2 health "enabled=yes" -P /var/lib/netdata/netdata.pid -D
Check active alerts
curl -s "http://localhost:19999/api/v1/alarms?active" | jq .
Verify webhook connectivity
curl -X POST -H 'Content-type: application/json' \
--data '{"text":"Netdata webhook test"}' \
"YOUR_SLACK_WEBHOOK_URL"
Check Netdata logs for notification attempts
sudo journalctl -u netdata -f | grep -E "(ALARM|notification|webhook)"
Test alert configuration
sudo /usr/libexec/netdata/plugins.d/alarm-notify.sh test
Verify health check endpoints
curl -s "http://localhost:19999/api/v1/info" | jq .versionCommon issues
| Symptom | Cause | Fix |
|---|---|---|
| Notifications not sending | Incorrect webhook URLs or permissions | Verify URLs with curl test and check file permissions |
| Alerts triggering too frequently | Thresholds too low or delay settings wrong | Increase warn/crit values and adjust delay parameters |
| Missing alerts in Teams/Slack | Role recipients not configured correctly | Check role_recipients_slack and role_recipients_msteams settings |
| Configuration syntax errors | Invalid YAML or missing quotes | Use netdata -W unittest to validate configuration |
| Webhook SSL certificate errors | Outdated CA certificates | Update ca-certificates package and restart Netdata |
| High false positive rate | Default thresholds not tuned for environment | Monitor baseline metrics for 24h before setting final thresholds |
Next steps
- Monitor system resources with Netdata real-time performance dashboard
- Integrate Nagios Core 4.5 with Grafana dashboards for advanced monitoring visualization
- Set up Prometheus and Grafana monitoring stack with Docker compose
- Configure Netdata custom dashboards and metrics collection
- Implement Netdata distributed monitoring cluster with centralized alerts
Automated install script
Run this to automate the entire setup
install.sh
#!/usr/bin/env bash
set -euo pipefail
# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m'
# Global variables
SCRIPT_NAME=$(basename "$0")
SLACK_WEBHOOK=""
TEAMS_WEBHOOK=""
SLACK_CHANNEL="#monitoring"
TEAMS_CHANNEL="General"
# Usage function
usage() {
echo "Usage: $SCRIPT_NAME [OPTIONS]"
echo "Options:"
echo " --slack-webhook URL Slack webhook URL"
echo " --teams-webhook URL Microsoft Teams webhook URL"
echo " --slack-channel NAME Slack channel (default: #monitoring)"
echo " --teams-channel NAME Teams channel (default: General)"
echo " -h, --help Show this help message"
echo ""
echo "Example:"
echo " $SCRIPT_NAME --slack-webhook 'https://hooks.slack.com/services/...' --teams-webhook 'https://outlook.office.com/webhook/...'"
exit 1
}
# Parse arguments
parse_args() {
while [[ $# -gt 0 ]]; do
case $1 in
--slack-webhook)
SLACK_WEBHOOK="$2"
shift 2
;;
--teams-webhook)
TEAMS_WEBHOOK="$2"
shift 2
;;
--slack-channel)
SLACK_CHANNEL="$2"
shift 2
;;
--teams-channel)
TEAMS_CHANNEL="$2"
shift 2
;;
-h|--help)
usage
;;
*)
echo -e "${RED}Unknown option: $1${NC}"
usage
;;
esac
done
}
# Error handling and cleanup
cleanup() {
echo -e "${RED}Installation failed. Cleaning up...${NC}"
systemctl stop netdata 2>/dev/null || true
}
trap cleanup ERR
# Logging functions
log_info() {
echo -e "${GREEN}[INFO]${NC} $1"
}
log_warn() {
echo -e "${YELLOW}[WARN]${NC} $1"
}
log_error() {
echo -e "${RED}[ERROR]${NC} $1"
}
# Check prerequisites
check_prerequisites() {
if [[ $EUID -ne 0 ]]; then
log_error "This script must be run as root or with sudo"
exit 1
fi
if [[ -z "$SLACK_WEBHOOK" && -z "$TEAMS_WEBHOOK" ]]; then
log_error "At least one webhook URL must be provided"
usage
fi
}
# Detect distribution
detect_distro() {
if [[ ! -f /etc/os-release ]]; then
log_error "/etc/os-release not found. Cannot detect distribution."
exit 1
fi
. /etc/os-release
case "$ID" in
ubuntu|debian)
PKG_MGR="apt"
PKG_UPDATE="apt update"
PKG_INSTALL="apt install -y"
;;
almalinux|rocky|centos|rhel|ol|fedora)
PKG_MGR="dnf"
PKG_UPDATE="dnf check-update || true"
PKG_INSTALL="dnf install -y"
;;
amzn)
PKG_MGR="yum"
PKG_UPDATE="yum check-update || true"
PKG_INSTALL="yum install -y"
;;
*)
log_error "Unsupported distribution: $ID"
exit 1
;;
esac
}
# Update system packages
update_packages() {
echo "[1/8] Updating system packages..."
$PKG_UPDATE
if [[ "$PKG_MGR" == "apt" ]]; then
apt upgrade -y
fi
log_info "System packages updated"
}
# Install dependencies
install_dependencies() {
echo "[2/8] Installing required dependencies..."
$PKG_INSTALL curl jq wget gnupg
log_info "Dependencies installed"
}
# Install Netdata
install_netdata() {
echo "[3/8] Installing Netdata..."
if command -v netdata >/dev/null 2>&1; then
log_warn "Netdata is already installed"
return
fi
bash <(curl -Ss https://my-netdata.io/kickstart.sh) --dont-wait --disable-telemetry
systemctl enable netdata
systemctl start netdata
log_info "Netdata installed and started"
}
# Configure notification directories
setup_notification_config() {
echo "[4/8] Setting up notification configuration..."
mkdir -p /etc/netdata/health_alarm_notify.conf.d
if [[ ! -f /etc/netdata/health_alarm_notify.conf ]]; then
if [[ -f /usr/lib/netdata/conf.d/health_alarm_notify.conf ]]; then
cp /usr/lib/netdata/conf.d/health_alarm_notify.conf /etc/netdata/health_alarm_notify.conf
else
# Create basic config if template doesn't exist
touch /etc/netdata/health_alarm_notify.conf
fi
fi
chown netdata:netdata /etc/netdata/health_alarm_notify.conf
chmod 644 /etc/netdata/health_alarm_notify.conf
log_info "Notification configuration directory created"
}
# Configure Slack notifications
configure_slack() {
if [[ -z "$SLACK_WEBHOOK" ]]; then
return
fi
echo "[5/8] Configuring Slack notifications..."
cat >> /etc/netdata/health_alarm_notify.conf << EOF
# Slack notifications configuration
SEND_SLACK="YES"
SLACK_WEBHOOK_URL="$SLACK_WEBHOOK"
DEFAULT_RECIPIENT_SLACK="$SLACK_CHANNEL"
SLACK_CHANNEL="${SLACK_CHANNEL#\#}"
SLACK_USERNAME="netdata"
SLACK_ICON_EMOJI=":warning:"
# Role-based Slack recipients
role_recipients_slack[sysadmin]="$SLACK_CHANNEL"
role_recipients_slack[domainadmin]="$SLACK_CHANNEL"
role_recipients_slack[dba]="$SLACK_CHANNEL"
EOF
log_info "Slack notifications configured"
}
# Configure Microsoft Teams notifications
configure_teams() {
if [[ -z "$TEAMS_WEBHOOK" ]]; then
return
fi
echo "[6/8] Configuring Microsoft Teams notifications..."
cat >> /etc/netdata/health_alarm_notify.conf << EOF
# Microsoft Teams notifications configuration
SEND_MSTEAMS="YES"
MSTEAMS_WEBHOOK_URL="$TEAMS_WEBHOOK"
DEFAULT_RECIPIENT_MSTEAMS="$TEAMS_CHANNEL"
MSTEAMS_ICON_DEFAULT="https://registry.my-netdata.io/api/v1/badge.svg?chart=system.cpu"
MSTEAMS_COLOR_DEFAULT="0076D7"
# Role-based Teams recipients
role_recipients_msteams[sysadmin]="$TEAMS_CHANNEL"
role_recipients_msteams[domainadmin]="$TEAMS_CHANNEL"
EOF
log_info "Microsoft Teams notifications configured"
}
# Create custom alert rules
create_alert_rules() {
echo "[7/8] Creating custom alert rules..."
cat > /etc/netdata/health.d/custom-alerts.conf << 'EOF'
# High CPU usage alert
template: cpu_usage_high
on: system.cpu
calc: $user + $system + $softirq + $irq + $guest
units: %
every: 10s
warn: $this > 80
crit: $this > 95
delay: down 5m multiplier 1.5 max 1h
info: CPU utilization is high
to: sysadmin
# Memory usage alert
template: ram_usage_high
on: system.ram
calc: ($used - $buffers - $cached) * 100 / $used
units: %
every: 10s
warn: $this > 80
crit: $this > 90
delay: down 5m multiplier 1.5 max 1h
info: RAM usage is high
to: sysadmin
# Disk space alert
template: disk_space_usage
on: disk.space
calc: $used * 100 / ($avail + $used)
units: %
every: 1m
warn: $this > 80
crit: $this > 90
delay: up 1m down 5m multiplier 1.5 max 1h
info: Disk space usage is high
to: sysadmin
EOF
chown netdata:netdata /etc/netdata/health.d/custom-alerts.conf
chmod 644 /etc/netdata/health.d/custom-alerts.conf
log_info "Custom alert rules created"
}
# Verify installation
verify_installation() {
echo "[8/8] Verifying installation..."
# Check if Netdata is running
if ! systemctl is-active --quiet netdata; then
log_error "Netdata service is not running"
exit 1
fi
# Check if Netdata is accessible
if ! curl -s http://localhost:19999 > /dev/null; then
log_error "Netdata web interface is not accessible"
exit 1
fi
# Test notification configuration
if ! /usr/libexec/netdata/plugins.d/alarm-notify.sh test 2>/dev/null; then
log_warn "Notification test failed - please check webhook URLs"
fi
log_info "Installation verification completed"
}
# Main execution
main() {
parse_args "$@"
check_prerequisites
detect_distro
update_packages
install_dependencies
install_netdata
setup_notification_config
configure_slack
configure_teams
create_alert_rules
# Restart Netdata to apply configuration
systemctl restart netdata
verify_installation
echo -e "${GREEN}Netdata with Slack/Teams notifications has been successfully installed!${NC}"
echo "Access Netdata at: http://$(hostname -I | awk '{print $1}'):19999"
[[ -n "$SLACK_WEBHOOK" ]] && echo "Slack notifications: Configured for $SLACK_CHANNEL"
[[ -n "$TEAMS_WEBHOOK" ]] && echo "Teams notifications: Configured for $TEAMS_CHANNEL"
}
main "$@"Review the script before running. Execute with: bash install.sh