Severity thresholds
How channels filter by severity, with tenant defaults, per-channel overrides, and personal preferences
Each notification channel has a severity threshold. The channel fires only for analyses whose severity is at or above that threshold. This is the primary lever for routing the right level of noise to the right place.
How "at or above" works
Analysis severity is ordered: critical > high > medium > low > info.
The channel threshold has four valid values — critical, high,
medium, low — and selects every analysis at or above that level.
A channel with threshold medium receives notifications for analyses
whose severity is medium, high, or critical — but not low or
info.
| Channel threshold | Receives |
|---|---|
critical | Critical only |
high | High and critical |
medium | Medium, high, critical |
low | Low, medium, high, critical (everything except info) |
Routing examples
A common setup uses three Slack channels with different thresholds:
| Channel | Threshold | Receives |
|---|---|---|
#oncall-critical | critical | Pages only |
#engineering-incidents | high | High-severity incidents |
#engineering-noisy | low | Most analyses, including triages |
Tenant default threshold
Under Settings → Notifications, set the default severity threshold for the whole organization. This is used:
- As the default for newly created channels (you can override per channel)
- For any channel that explicitly opts in to the tenant default
Most users set the tenant default to high and then override on
specific noisy channels.
Per-user preferences
Each user has personal preferences under Settings → Notifications:
| Preference | Default | What it does |
|---|---|---|
| Notify me on my analyses | On | When you trigger an analysis (dashboard, API key with your identity), you receive a notification regardless of channel thresholds |
| Notify me only via email | Off | Suppress chat notifications for analyses you triggered, only email |
These are personal — they don't affect what other team members see in shared channels.
How thresholds combine in practice
When an analysis completes, every channel whose threshold is at or
below its severity receives the notification. A high analysis fires
channels with thresholds low, medium, or high — but not those
with critical. Inactive channels are skipped.
If multiple channels qualify, all receive the notification — the
#oncall-critical Slack might fire alongside an email to the
on-call rotation.
Watchdog and severity
Watchdog rules generate analyses when their conditions trigger. The
watchdog rule itself doesn't have a severity threshold — that's
applied downstream by your channels. A watchdog rule that runs an
analysis on every pattern match can produce many medium or low
events; channels with threshold high will only see the spikes.
See Watchdog for details on rule configuration.
Recommended starting point
If you're not sure where to start:
| Channel | Threshold |
|---|---|
| Tenant default | high |
| Critical-only Slack channel | critical |
| Email to on-call rota | high |
| Optional verbose Slack channel | low |
Iterate from there based on which alerts your team finds useful versus noisy.