Detection rules help you to detect events of your interest and post metrics in OCI Monitoring service. The detection can be at ingest time when the log content matches a label and additional settings, or a scheduled search based on a query.

To create ingest time detection rule to detect specific content in the log records, see Detect Predefined Events at Ingest Time. You must provide permissions to allow ingest-time rule to post metrics to the OCI Monitoring service. See Allow Users to Perform Ingest Time Alert Rule Operations.

To create scheduled search detection rule for running a query at periodic intervals, see Create a Schedule to Automatically Run a Saved Search Query. You must provide permissions to allow scheduled search to post metrics to the OCI Monitoring service. See Allow Users to Perform All Operations on Scheduled Tasks.

After the detection rule is created, you can generate alerts through the alarms in OCI Monitoring service when the events are detected and metrics posted. See Create Alerts for Detected Events.

To perform other actions on the detection rules, in the Detection rules listing page, select the compartment of your rule in the Detection Rules Scope section, and narrow down your search for your rule by selecting the rule type in the Filters section. After identifying your detection rule, click Actions icon in the row of your detection rule:

• View Details: The detection rule details page is displayed. In the Detection rule information tab, you can view the rule type, its OCID, execution status, the compartment that it resides in, and the details you have provided while creating the detection rule. In the Tags tab, you can view the tags associated with the detection rule. Click Add Tag button to add one.

  Further, click the button Edit, Disable, Add Tags, or More actions in detection rule details page to perform the corresponding actions. When you click More actions, you can Move Resource or Delete.

• Edit: The Edit Detection Rule dialog box is displayed. Here, you can update the rule name or the interval properties depending on the type of detection rule.

• Copy OCID: The OCID of the detection rule resource is copied. You can use it to refer to this resource anywhere in Oracle Cloud Infrastructure.

• Move Resource: The Move Resource to a Different Compartment dialog box is displayed. From the options, select the compartment to which you want to move the detection rule and click Move Resource.

• Add Tag: See Add Tags to Logging Analytics Resources.

• Delete: You can delete some of your old or unused rules. To delete the rule, confirm in the Delete Rule dialog box.