Menu
Documentationbreadcrumb arrow Grafana Cloudbreadcrumb arrow Alerts and IRMbreadcrumb arrow IRMbreadcrumb arrow Usebreadcrumb arrow Respond to alerts
Grafana Cloud RSS

Respond to alerts in Grafana IRM

When an alert is triggered in Grafana IRM, responders have multiple ways to interact with it. This topic covers the actions available for managing and resolving alerts, including acknowledging alerts, escalating notifications, and linking alerts to incidents.

View and manage alerts

Alerts in Grafana IRM are grouped into alert groups, allowing responders to manage related alerts collectively. You can interact with alerts through the Grafana UI, mobile app, or your organizations integrated messaging app like Slack and Microsoft Teams.

Alert group table

The Alert Group table provides an overview of all active alerts. You can:

  • Sort and filter alerts based on severity, team, or escalation policy
  • Customize columns to display relevant alert details
  • View assigned responders and escalation chain progress

Acknowledge an alert

Acknowledge (ACK) an alert to indicate that a responder is investigating the issue. Acknowledging an alert:

  • Updated to alert status to Acknowledged
  • Stops further escalation notifications

Ways to acknowledge an alert

You can acknowledge an alert through:

  • The Alert group table: Select Acknowledge from the drop down in the Status column.
  • The mobile app: Tap Acknowledge from the alert feed
  • Messaging apps (Slack, Microsoft Teams): Use /ack in the relevant channel
  • API: Use the OnCall API to programmatically acknowledge an alert

Note

If a new alert joins an acknowledged alert group, it will not trigger escalation chain actions.

Escalate an alert

If an alert is not acknowledged or resolved within a certain timeframe, it will escalate according to the configured escalation chain. Responders can manually escalate an alert if immediate action is needed.

Add participants

Adding an escalation participant initiates that users notification rules. Be conscious of who is actively on-call before notifying them. Users are listed as On-Call now or Not on-call.

Manually add the necessary responders to an alert group:

  1. Open the alert details for the correct alert
  2. Click + Add participants in the escalation participants section
  3. Search or select users from the dropdown
  4. Adding an escalation participant initiates that users notification rules

Declare an incident

If the alert group requires larger effort and escalation, you can declare an incident from an active alert group.

To declare an incident from an alert group:

  1. From the alert group details, click Actions
  2. Select Declare incident from the dropdown
  3. Fill out the Incident declaration form and click Declare incident

To learn more, refer to Declare an incident.

Resolve an alert

Marking an alert as resolved indicates that the issue has been fixed. Resolved alerts:

  • Stop all further notifications and escalations
  • Are recorded in the alert history for future reference

Ways to resolve an alert

  • UI: Click Resolve in the alert details view
  • Mobile app: Tap Resolve from the alert feed
  • API: Programmatically resolve alerts via the OnCall API

Silence alerts

Silencing an alert prevents notifications for a specified duration without resolving the issue. This is useful for:

  • Muting noisy alerts during investigation
  • Avoiding unnecessary escalations for a known issue

To prevent noisy alerts during a maintenance window, refer to Manage maintenance mode

Ways to silence alerts

  • Set a temporary silence in the UI
  • From your messaging app
  • Apply a mute rule in Grafana Alerting to prevent certain alert conditions from triggering notifications

In some cases, an alert may indicate a larger issue that requires incident management. You can link an alert to an incident to track its resolution in the broader incident response process.

  1. From the incident timeline, select the alert tab and search for related alerts.
  2. Select the alert to add it to the timeline
  3. View the incident timeline to track all related alerts and their resolution

For more information about incident management, refer to Incident management.

Interact with alerts using the mobile app

Responders can manage alerts on the go using the Grafana IRM mobile app:

  • Receive push notifications for new alerts
  • Acknowledge, escalate, or resolve alerts directly from the app
  • View alert details and history in the alert feed

For more information about the mobile app, refer to IRM mobile app.

Manage alerts via API

For teams using automation, the Grafana IRM API allows you to:

  • Fetch active alerts and alert groups
  • Acknowledge or resolve alerts programmatically
  • Modify escalation chains dynamically

For more information about the API, refer to IRM APIs.

Best practices for responding to alerts

  • Acknowledge alerts quickly to stop unnecessary escalations
  • Use messaging app integrations for fast interaction with alerts
  • Customize alert routing to ensure the right responders are notified
  • Declare incidents for critical alerts for a coordinated response.