Explore documentation
  1. Welcome to Telemetry 👋
  2. Quick start guide
  3. Wide events vs. metrics
  4. Ingesting data
    1. Better Stack collector
    2. Vector
    3. OpenTelemetry
    4. Ingesting via HTTP API
    5. Ingesting metrics
    6. Ingesting logs
    7. Migrating to Better Stack
  5. Using the product
    1. AI SRE ↗
    2. MCP server ↗
    3. Transforming ingested data
    4. Querying data
    5. Tracing
    6. Alerts
  6. Telemetry API
    1. Getting an API token
    2. Sources & collectors
    3. Dashboards
    4. Explorations
    5. Alerts API
      1. List all alerts GET
      2. Get a single alert GET
      3. Update an alert PATCH
      4. Remove an alert DELETE
      5. Create a dashboard alert ↗
      6. Create an exploration alert ↗
    6. Connections API
    7. Query API ↗
  7. Alternative to
    1. Lightstep

Get a single alert

Retrieves a single alert by its ID from any context (dashboard or exploration).

GET https://telemetry.betterstack.com/api/v2/alerts/{id}

URL parameters

id
required integer

The unique identifier of the alert.

Headers

Authorization
required string

Bearer $TOKEN

200

The details of the specified alert.

Response body

{
  "data": {
    "id": "789",
    "type": "alert",
    "attributes": {
      "dashboard_id": 123,
      "chart_id": 456,
      "name": "High Error Rate Alert",
      "alert_type": "threshold",
      "operator": "higher_than",
      "value": 100.0,
      "string_value": null,
      "query_period": 300,
      "confirmation_period": 0,
      "recovery_period": 300,
      "aggregation_interval": 60,
      "check_period": 60,
      "series_names": [
        "error"
      ],
      "source_variable": "source",
      "source_mode": "source_variable",
      "source_platforms": [],
      "incident_cause": "Error rate exceeded threshold",
      "incident_per_series": false,
      "escalation_target": {
        "policy_id": 123,
        "policy_name": "Critical Alerts Policy"
      },
      "metadata": {
        "environment": "production",
        "runbook": "https://wiki.example.com/runbooks/error-rate"
      },
      "paused": false,
      "paused_reason": null,
      "created_at": "2026-02-20T10:00:00Z",
      "updated_at": "2026-02-23T14:30:00Z"
    }
  }
}
404

The specified alert was not found.

Example request

cURL
curl --request GET \
     --url "https://telemetry.betterstack.com/api/v2/alerts/789" \
     --header "Authorization: Bearer $TOKEN"


Alert response shape

The response shape varies by alert_type. Threshold and relative alerts include operator, value, string_value, and check_period. Anomaly alerts include anomaly_sensitivity and anomaly_trigger instead. Dashboard alerts include dashboard_id and chart_id. Exploration alerts include exploration_id.

Threshold / Relative response Anomaly response 
{
  "attributes": {
    "alert_type": "threshold",
    "operator": "higher_than",
    "value": 100,
    "string_value": null,
    "check_period": 300
  }
}
{
  "attributes": {
    "alert_type": "anomaly_rrcf",
    "anomaly_sensitivity": 5.0,
    "anomaly_trigger": "any"
  }
}

Previous article

List all alerts

Next article

Update an alert