#Sentry pagertree webhook issue

4 messages · Page 1 of 1 (latest)

high jolt Aug 1, 2025, 5:53 PM

Hi Sentry Support,

Org: elm-ai
Projects: x-auditsense, s-auditsense, notification-service (and unexpectedly datapipelines)

Setup (project-level Issue Alerts):

Each project has one Issue Alert with filters like

env does not contain LOCAL_DEV, development

level ≥ error

message does not contain several strings (e.g., “Running AI Pipeline”, “Error uploading to AI Pipeline”, “regrade/evidence was u…”)

Action: Send a notification via Webhook (PagerTree).

Sentry PagerTree integration is disabled; no org-wide or catch-all rules configured.

Problems:

Webhooks fire for events that don’t match our filters (e.g., level=info, message contains a blocked string).
Example: https://elm-ai.sentry.io/issues/6762071340/?alert_rule_id=15435648&alert_type=issue&notification_uuid=b5a216bc-d4d4-4c96-8807-a6fd61df213f

Webhooks appear to originate from datapipelines, a project where we did not configure a PagerTree webhook.

Requests:

Identify which rule fired for the example above (by alert_rule_id / notification_uuid) and why it matched despite filters.

Confirm what field “Message … does not contain” evaluates for Node events (event.message / logentry.formatted?).

Verify whether any org-level/legacy mechanism could send webhooks outside of project Issue Alerts.

Any pointers to rule-evaluation logs we can check ourselves?

Happy to provide additional examples or screenshots.

Thanks,
Eesha Khanna

loud hollowBOT Aug 1, 2025, 5:53 PM

Hi @high jolt. I'm happy to dig into this for you! I'll check my internal sources for answers to your question! :wave:

Thank you for your detailed questions. Here’s what I can confirm based on the available knowledge sources:

1. Identify which rule fired for the example above (by alert_rule_id / notification_uuid) and why it matched despite filters.

The knowledge sources do not provide a way to directly look up or trace which specific alert rule (by alert_rule_id or notification_uuid) fired for a given event. Sentry’s webhook payload for issue alerts includes the rule label (triggered_rule) and some configuration, but not the rule ID itself, which has been noted as a feature request by other users [Sentry webhook integration for issue alerts should return issue alert rule ID]. Therefore, without access to your Sentry instance or internal logs, I cannot definitively identify which rule fired or why it matched in this specific case.

2. Confirm what field “Message … does not contain” evaluates for Node events (event.message / logentry.formatted?).

The knowledge sources do not explicitly state which field the "Message does not contain" filter evaluates for Node events. Sentry’s event payloads for issue alerts include both a message field and a logentry.formatted field, but the documentation does not clarify which is used for this filter [Issue Alerts Webhook Payload]. If you need to be certain, I recommend testing with controlled events or reaching out to Sentry support for clarification.

3. Verify whether any org-level/legacy mechanism could send webhooks outside of project Issue Alerts.

Based on the knowledge sources, webhooks for issue alerts are configured at the project level, and there is no mention of an org-level or legacy mechanism that would send PagerTree webhooks outside of project-specific Issue Alerts [PagerTree Integration]. However, legacy integrations or catch-all rules could exist if previously configured, but you mentioned that the PagerTree integration is disabled and no org-wide rules are set. If you are still seeing webhooks from unexpected projects, double-check for any legacy or hidden rules in your Sentry settings.

4. Any pointers to rule-evaluation logs we can check ourselves?

The knowledge sources do not mention any user-accessible logs for rule evaluation or alert rule matching. There is no documented way to view detailed rule-evaluation logs from the Sentry UI or API.

Summary:

The knowledge sources do not provide a way to trace which rule fired for a specific alert or why it matched.
The exact field used for the "Message does not contain" filter in Node events is not specified.
There is no documented org-level/legacy mechanism for PagerTree webhooks outside project Issue Alerts, but double-check your settings.
No user-accessible rule-evaluation logs are documented.

If you need further investigation, I recommend reaching out to Sentry support directly with your examples and screenshots, as they may be able to access internal logs or provide more specific guidance.