Alertmanager routing

Akira Alertmanager routes paging alerts by label and keeps on-call delivery within the five minute pilot SLA target.

Receivers

• Critical: Telegram akira-critical, Slack #akira-critical, email oncall@asheep.it.
• Warning: Telegram akira-warning.
• Security: Telegram akira-security, email security@asheep.it.
• Info: local webhook sink http://localhost:8888/log.

Labels

• Use severity="critical" for P0/P1 alerts that must wake the on-call.
• Use severity="warning" for P2/P3 alerts.
• Add type="security" for security events that must reach the security mailbox independently from severity.

Smoke Test

From the management host:

tests/test_alertmanager_routing.sh

Expected delivery for the default critical smoke alert:

• Telegram group akira-critical.
• Slack channel #akira-critical.
• Email oncall@asheep.it.

Security route check:

TEST_SEVERITY=warning TEST_TYPE=security tests/test_alertmanager_routing.sh

Expected delivery: Telegram group akira-security and email security@asheep.it.

Secrets

See docs/runbooks/alertmanager-setup.md for the vault variables, Telegram chat id discovery, Slack webhook setup and SMTP setup.