Run AIlert for log-based alerting: run pipeline, detect changes, suggest rules, and decide suppress vs notify using the LLM; apply rules via the exec tool.
You have access to AIlert via the exec tool. AIlert is a log-based alerting CLI: it discovers patterns in log streams, marks them as new or known, and can suggest rules (suppress vs alert). You run it with the exec tool and then use the LLM to decide which suggestions to apply.
Use the same config path and snapshot dir for a run; the user may set these in AGENTS.md or USER.md. Example: config_path = ./config.yaml, snapshot_dir = ./.ailert/snapshots.
Run pipeline and save snapshot (ingest logs, update pattern store, save snapshot for change detection):
ailert run -config <config_path> -save-snapshot <snapshot_dir>./ailert run -config ./config.yaml -save-snapshot ./.ailert/snapshotsDetect changes (compare current store to last snapshot — new patterns, gone patterns, count deltas):
ailert detect-changes -config <config_path> -snapshot-dir <snapshot_dir>Suggest rules (heuristic suggestions: alert on new ERROR/WARN, suppress on high-count INFO/DEBUG, alert on count spikes):
ailert suggest-rules -config <config_path> -snapshot-dir <snapshot_dir>-suppress-threshold N (default 5) for when to suggest suppress for INFO/DEBUG.Apply a suppression (add to store and optionally create Alertmanager silence):
ailert apply-rule suppress <hash> -create-silence (if Alertmanager is configured)ailert suppress -hash <hash> -reason "..." -create-silenceApply an alert (send one alert to Alertmanager for that pattern):
ailert apply-rule alert <hash>Suppress by pattern sample (when you don't have the hash):
ailert suppress -pattern "<log line sample>" -reason "..." -create-silenceailert detect-changes and optionally ailert suggest-rules, then summarize in natural language.-config and -snapshot-dir (or config's snapshot_dir) so runs are comparable.apply-rule suppress <hash> -create-silence when Alertmanager is configured so silences appear in Grafana/AM UI.ailert subcommands described above.