log_alert_rules

Log Alert Rules provides configurable threshold-based alerting for Drupal watchdog log entries.

Instead of manually watching logs or building one-off automation for recurring errors, site administrators can define alert rules that watch for patterns in specific log channels and severities, then notify recipients when thresholds are met.

Each rule can target:
- a log channel, or any channel
- one or more severity levels
- a substring or PCRE regex message pattern
- an optional negate pattern
- raw or rendered message matching

Features

- Configurable alert rules stored as config entities
- Threshold-based evaluation within sliding time windows
- Cooldown suppression to reduce alert floods
- Email notification channel
- Rule testing against recent dblog entries
- Single-rule and bulk export/import
- Backward-compatible import for older single-rule exports
- Drupal 10.3+ and Drupal 11 support

This module is intended for sites that want practical, maintainable alerting on top of Drupal's built-in logging system.

Post-Installation

After enabling the module:

1. Ensure the Database Logging (dblog) module is enabled.
2. Go to Administration > Configuration > System > Log Alert Rules.
3. Create one or more alert rules for the log channels and severities you care
about.
4. Test each rule against recent log entries before relying on it.
5. Configure email recipients and verify alert delivery in your environment.