
The Topology Processor is disabled by default. To enable it, set the
environment variable
KEEP_TOPOLOGY_PROCESSOR=true
.How It Works
-
Service Discovery: The processor maintains a map of your infrastructure’s topology, including:
- Services and their relationships
- Applications and their constituent services
- Dependencies between different components
-
Alert Processing: Every few seconds, the processor:
- Analyzes recent alerts
- Maps alerts to services in your topology
- Creates or updates incidents based on application-level impact
-
Incident Creation: When multiple services within an application have active alerts:
- Creates a new application-level incident
- Groups related alerts under this incident
- Provides context about the affected application and its services
Configuration
Environment Variables
Variable | Description | Default |
---|---|---|
KEEP_TOPOLOGY_PROCESSOR | Enable/disable the topology processor | false |
KEEP_TOPOLOGY_PROCESSOR_INTERVAL | Interval for processing alerts (in seconds) | 10 |
KEEP_TOPOLOGY_PROCESSOR_LOOK_BACK_WINDOW | Look back window for alert correlation (in minutes) | 15 |
Incident Management
Creation
When the processor detects alerts affecting multiple services within an application:- Creates a new incident with type “topology”
- Names it “Application incident: ”
- Automatically confirms the incident
- Links all related alerts to the incident
Resolution
Incidents can be configured to resolve automatically when:- All related alerts are resolved
- Specific resolution criteria are met
Best Practices
-
Service Mapping
- Ensure services in alerts match your topology definitions
- Maintain up-to-date topology information
-
Application Definition
- Group related services into logical applications
- Define clear service boundaries
-
Alert Configuration
- Include service information in your alerts
- Use consistent service naming across monitoring tools
Example
If you have an application “payment-service” consisting of multiple microservices:payment-api
and payment-database
, the Topology Processor will:
- Recognize these services belong to the same application
- Create a single incident for “payment-service”
- Group both alerts under this incident
- Provide application-level context in the incident description
Limitations
- Currently supports only application-based incident creation
- One active incident per application at a time
- Requires service information in alerts for correlation