# Triggers

This guide describes the steps to create and manage synthetic triggers.


Monq triggers allow you to process any events received by the monitoring system. It is possible to create a trigger from a template or write it from scratch using scripts written in the Lua language.

Triggers are processed in Monq as follows:

Расчет СТ

If you are looking for a description of the service methods and variables used in CT rules, go the Solutions.

# Trigger creation

To add a new Trigger, go to the Triggers section on the main menu and click «Add trigger». Fill in the general information in the dialog window: enter a name, select an owner workgroup, select a rule template, fill in the description, and click «Create trigger».

After you finish creating the trigger, you can edit the info you entered on the General tab of the trigger page.

# Template configurations

When you create a new trigger, you can select one of the available templates for the trigger rule, which describes how the raw data is processed. When you pick a template, the rule's code and the filter's expression automatically fill in.

However, instead of specific values, the prefilter expression uses variables. To configure the variables, click the «Set execution variables» button and enter the values in the text fields. Once created, the trigger prefilter will immediately apply the defined values.

# Prefilter config

To control the amount of data that needs to be processed by the trigger, configure the Prefilter.


Prefilter is a type of rule by which the raw data is selected for the trigger's main rule proccesing. It is a boolean expression that supports basic logical operators and basic Lua functions. |

Operator Description Examples of usage
and AND _labels.type == 'Prometheus' and _stream.id == 10
or OR _stream.id == 10 or _stream.id == 11
not NOT _stream.type == 'Prometheus' and not _stream.id == 10
== EQUAL _stream.type == 'Prometheus'
~= NOT EQUAL _stream.type ~= 'Prometheus'
> Greater _stream.id > 10
< Less _stream.id < 10
>= Greater or equal _stream.id >= 10
<= Less or equal _stream.id <= 10
in(field, {args}) In list in(_stream.id, {10, 11, 15})
regexIsMatch(field, "(pattern)") Regular expression regexIsMatch(source.@timestamp, "(\\d{4}-\\d{2}-\\d{2}T\\[0][0-9]:\\d{2}:\\d{2}\\.\\d+Z)") - returns true if the time in @timestamp is from 00 to 09 o'clock

It is allowed to group parts of an expression using ().

Comparison operators are case sensitive.

Objects of type string must be enclosed in single quotes.

Escaping occurs via the \ symbol.

To configure the prefilter, enter its expression in the «Execution condition» text field of the «Rule configuration» tab. After making any changes to the expression, click «Apply» to save the result.

# Configuring Rule

To configure the trigger's reaction to raw data reception, add the trigger's Rule.


A trigger's Rule is a Lua script that uses a set of service variables and methods to change the trigger's own state and enrich the raw data with additional fields.

The rule is run for every event received by the Monq system that passes the prefilter.

For implementation, only utility methods and classes of synthetic trigger rules are supported, for more details see Solutions.

To configure a trigger's rule, go to the «Rule configuration» tab – there is a code editor below the prefilter field. The editor stays blocked by default, to access it click the «Script Version» list and select the «New Version» or click the corresponding button in the lower left corner of the screen.

Paste your Lua script into the editor window or write it yourself. Next, you can check the code for syntax errors – click «Code check» – the validation log containing errors or success message will open under the «Code check» tab at the bottom of the editor. If the code is correct, press «Make Executable», and your script version will be used as the new trigger rule.

If you want to return the older version of the rule, click again «Script version» button and select an older version from the list.

# Trigger debug

After creating a valid prefilter and rules, you can debug the trigger with a simulation of the system receiving a raw data event.

To do this, go to «Condition debugger» on the left of the editor. Select a message template from the list of available ones and click «Fill template». In the opened editor window, specify the data to be checked by the prefilter. To use a customized template, select a «Custom template» and fill it with a new model and required data.


To use a customized template, copy the data model from the detailed view of the Raw Data screen.

Click the «Debug» button. The result will appear in «Debug terminal» at the bottom of the editor.

# Viewing trigger history

The «History» tab lets you review the history of all events related to the trigger.

To view the trigger log, use the filter. You can filter the event list by the following attributes:

  • Name
  • Date and Time
  • Initiator
    • User
    • Execution condition
    • Scheduler
  • Type of change
    • Status changes
    • General Info changes
    • Rule changes
    • Bound CI List changes

When you find the event you need, click «Details» to view the detailed information about the event trigger.

If the events storage depth is configured in the "Data storage" block of the data stream, it is possible that event was deleted information is displayed.

# Trigger management

Additionally, on the «Management» tab, you can:

  • Manually change the trigger status – select one from the list and click «Apply».
  • Clone the trigger – Click «Clone», fill in the basic info in the dialog, and select the settings to save for the trigger's clone.
  • Delete the trigger – Click «Delete» and confirm your action in the dialog window.