Create Schema from Library Schema

Use a Library Schema when a reusable schema template already matches your Alert Producer.

Library Schemas are the fastest way to start because they include the schema definition before you send live traffic through 1stLine.

Before you start

You need:

• access to Alert Schemas
• an Alert Receiver destination, such as a webhook URL
• a Library Schema that matches your Alert Producer

Global Library Schemas are maintained from the public 1stLine Library Schemas repository. Organization Library Schemas are reusable templates saved inside your organization.

Create from Library

1. Open Create Alert Schema.
2. Choose Choose from Library.
3. Select the Library Schema that matches your Alert Producer.
4. Create the schema.
5. Open the new schema details page.
6. Review Patterns, Fields, Fingerprint Fields, Default Forward To, and forwarding behavior.
7. Configure the Alert Producer to send events to the new Alert Producer Destination.
8. Send a real test alert.
9. Open Alert Instances and confirm the Alert Instance content, fingerprint, timeline, and actions.

After creation

The created Alert Schema belongs to your organization and receives its own Schema Token.

You can edit it like any other Alert Schema. Common changes include:

• adding or adjusting Patterns
• setting Default Forward To
• choosing Fingerprint Fields
• enabling Proxy recurrent alerts when repeated firing events should be forwarded
• adding a Transformation Template
• configuring AI Escalation Mapping

Related pages

• Alert Schemas
• Schema Patterns
• Writing Transformation Templates
• Alert Instances

GitHub is a third-party brand. Burava does not own, represent, or speak for GitHub.