Basic HTTP Authentication. Karma will be performing authentication using configured list of username & password pairs. This method is only recommended for testing.

External authentication via headers. Karma doesn’t perform any authentication itself, it is done by a frontend service (SSO or nginx reverse proxy) that sets a header with username on every request.

authentication:users:header:name - name of the header that will contain the username. If this header is missing from a request access will be forbidden. When set header authentication is used.

authentication:users:header:value_re - regex used to extract the username from the request header value (when authentication:users:header:name is set). It must include one numbered capturing group, whatever is matched by that group will be used as the silence form author field. All regexes are anchored. This option must be set when authentication:users:header:name is set.

authentication:users:header:group_name - name of the header that will contain any groups the user has.

authentication:users:header:group_value_re - Similar to authentication:users:header:value_re, but for groups instead of usernames. Must be set when authentication:users:header:group_name is set.

authentication:users:header:group_value_separator - This will be used to split the group header to multiple group names. The split is done after evaluating the value regex. Default value is " ".

authentication:users - list of users (username & password) allowed to login. Passwords are stored plain without any encryption. When set HTTP basic authentication will be used.

acl:silences - path to silence ACL configuration file, see ACLs for details

groups - list of group definitons, each group must have a name and members list. name will be used in silence ACL rules, members list should contain list of user names as passed from authentication layer.

interval - how often alerts should be refreshed, a string in time.Duration format. If set to 1m karma will query every Alertmanager server once a minute. This is global setting applied to every Alertmanager server. All instances will be queried in parallel. Note that the maximum value for this option is 15m. The UI has a watchdog that tracks the timestamp of the last pull. If the UI does not receive updates for more than 15 minutes it will print an error and reload the page.

name - name of this Alertmanager server, will be used as a label added to every alert in the UI and for filtering alerts using @alertmanager=NAME filter

cluster - this option can be set to give Alertmanager clusters custom names in the UI. If there are multiple alertmanager servers configured in karma config that are part of the same HA cluster then this option should be set to the same value for all of them. If cluster option isn’t set a name will be generated for each detected cluster.

uri - base URI of this Alertmanager server. Supported URI schemes are http:// and https://. If URI contains basic auth info (https://user:[email protected]) and you don’t want it to be visible to users then ensure proxy: true is also set in order to avoid leaking auth information to the browser. Note: if URI contains username and password and proxy option is NOT enabled (see below), then the username & password information will be stripped from the URI and Authorization header using Basic Auth will be set for all in browser requests.

external_uri - this option allows to override base URI of this Alertmanager used for browser links and also silence requests (but only when proxy mode is not enabled).

timeout - timeout for requests send to this Alertmanager server, a string in time.Duration format.

proxy - if enabled requests from user browsers to this Alertmanager will be proxied via karma. This applies to requests made when managing silences via karma (creating or expiring silences). This option cannot be used when readonly is enabled.

readonly - set this Alertmanager upstream to a read only mode. This will disallow silence creation or editing. This option cannot be used when proxy is enabled.

tls:ca - path to CA certificate used to establish TLS connection to this Alertmanager instance (for URIs using https:// scheme). If unset or empty string is set then Go will try to find system CA certificates using well known paths.

tls:cert - path to a TLS client certificate file to use when establishing TLS connections to this Alertmanager instance if it requires a TLS client authentication. Note that this option requires tls:key to be also set.

tls:key - path to a TLS client key file to use when establishing TLS connections to this Alertmanager instance if it requires a TLS client authentication. Note that this option requires tls:cert to be also set.

tls:insecureSkipVerify - disable server certificate validation, can be set to allow using self-signed certs, use at your own risk

proxy_url - sets a proxy for HTTP client used for making requests to the upstream server. This can be used to access servers available via SOCKS5 proxy.

headers - a map with a list of key: values which are header: value. These custom headers will be sent with every request to the alert manager instance. NOTE: these headers are only sent for alertmanager requests, they are NOT set on requests send to Prometheus server when querying alert history. Please see history:rewrite section below if you want to set headers for Prometheus requests.

cors:credentials - sets the CORS credentials settings for browser requests, see docs for the list of possible values. By default credentials are included in all requests (include), set it to omit or same-origin if Alertmanager is configured to respond with Access-Control-Allow-Origin: *, see docs.

healthcheck:visible - enable this option if you want healthcheck:filters alerts to be visible in karma UI. An alternative to enabling this option is to route healcheck alerts to alertmanager receiver that isn’t visible using default karma filters.

healthcheck:filters - define healtchecks using alert filters. When set karma will search for alerts matching defined filters and show an error if it doesn’t match anything. This can be used with a Dead man’s switch style alert to notify karma users that there’s a problem with alerting pipeline. Syntax for this option is a map where key is the name of the filter set (used in the UI when showing errors) and the value is a list of filters.

- alert: DeadMansSwitch
  expr: vector(1)

uri - this option tells karma backend the URI that should be used to collect all alerts and silence data from given Alertmanager instance. This setting is required.

proxy - this option when set to true enables karma backend to proxy all silence management requests (creating, editing or deleting silences via karma UI), so when the user creates a silence via karma UI the browser makes a request to karma backend, the backend then forwards this request to the Alertmanager using the value of uri option as the URI. When this option is set to false all browser requests will use uri value. This setting is optional, default value for it is false.

external_uri - this option tells karma how the browser should connect to given Alertmanager instance, it can be used for silence management requests (creating, editing or deleting silences via karma UI) and how to generate links to silences in Alertmanager web UI. Behavior of this option depends on the value of proxy setting. When proxy mode is enabled:

active - when alert is firing

suppressed - when alert is either silenced by a silence rule or inhibited by another alert using inhibition rules

unprocessed - initial state for new alerts before they are checked against all silence rules so Alertmanager doesn’t yet know if the alert should be active or suppressed

enabled - setting it to true will enable creation of short lived acknowledgement silences.

duration - duration for acknowledgement silences, value is a string in time.Duration format.

author - default author for acknowledgement silences. If user set the author field on the silence form then that value will be used instead.

comment - custom comment used for acknowledgement silences (optional). If the comment contains %NOW% it will be replaced by current timestamp with UTC timezone, to use timestamp with local timezone use %NOWLOC%.

default:hidden - bool, true if all annotations should be hidden by default.

hidden - list of annotations that should be hidden by default.

visible - list of annotations that should be visible by default when default:hidden is set to true.

keep - list of allowed annotations, if empty all annotations are allowed.

strip - list of ignored annotations.

order - custom order of annotation names. All annotations listed here will appear first in the order specified here. Remaining annotations will be sorted alphabetically and appended at the end.

actions - list of annotations that will be moved to alert dropdown menu. this only applies to annotations where value is a link.

enableInsecureHTML - by default all annotation values are escaped when rendered in users browser, to prevent any injection attacks. If this option is set to true escaping will be disabled which allows HTML tags to be used in annotations, but if someone manages to send alerts with annotations containing untrusted HTML/Javascript code to your alertmanager instances karma will allow it to be executed in your browser.

default - list of filters to use by default when user navigates to karma web UI. Visit /help page in karma for details on available filters. Note that if a string starts with @ YAML requires to wrap it in quotes.

sorting:order - default sort order for alert grid, valid values are:

sorting:reverse - default value for reversed sort order

sorting:label - label name for sorting when grid:sorting:order is set to label. Labels can be assigned custom values used only by sorting via sorting:customValues:labels.

sorting:customValues:labels - when sorting using alert labels values are compared as strings, which work for labels like cluster=A, cluster=B & cluster=C, but not for cluster=prod, cluster=staging & cluster=dev. Alphabetic sort would order the second case as follows: dev, prod, staging. To allow for more natural sorting sorting:valueMapping can be used to map label values to integer values which will be used for sorting instead of original string values. Note: this option is not available via environment variables, you can only set it via the config file.

auto:ignore - list of label names that should never be selected as multi-grid source label when multi-grid is configured to Automatic selection in the UI or when ui:multiGridLabel is set to @auto.

auto:order - preferred order for selecting labels to be used as multi-grid source label when multi-grid is configured to Automatic selection in the UI or when ui:multiGridLabel is set to @auto. If a label name is not present in this list labels with equal weight will be picked in alphabetic order.

groupLimit - default number of alert groups to show in the UI, loading more will require user to click on Load more button.

enabled - enable alert history UI and backend query support

timeout - timeout for HTTP requests send to remote Prometheus servers

workers - number of worker threads to start, each worker handles one outgoing HTTP request, more workers allows to handle more concurrent queries if you have a large number of Prometheus servers sending alerts

rewrite - list of source rewrite rules applied before any request is send to remote Prometheus. Rewrite rules can be used to modify URI or TLS settings used by karma when connecting to Prometheus API if source field in alert uses addresses not reachable from karma. All regexes are anchored, ${N} syntax can be used for capture groups. You can rewrite uri to an empty string to disable connecting to that specific Prometheus instance.

name - name of given karma instance, this is currently used for the browser tab title.

color:static - list of label names that will all have the same color applied (different than the default label color). This allows to quickly spot a specific label that can have high range of values, but it’s important when reading the dashboard. For example coloring the instance label allows to quickly learn which instance is affected by given alert.

color:unique - list of label names that should have unique colors generated in the UI.

color:custom - nested map of label names and value with colors - this allows to configure a set of labels with custom predefined colors applied to them rather than generated. Value is a mapping with label name → list of dicts, each dict object allows setting:

order - custom order of label names. All labels listed here will appear first in the order specified here. Remaining labels will be sorted alphabetically and appended at the end.

keep - list of allowed labels, if both keep and keep_re are empty all labels are allowed.

keep_re - list of Go compatible regular expressions to keep matching labels; all regexes will be automatically anchored; if both keep and keep_re are empty all labels are allowed.

strip - list of ignored labels.

strip_re - list of Go compatible regular expressions to ignore matching labels; all regexes will be automatically anchored.

valueOnly - list of label names for which only the value will be displayed in the UI.

valueOnly_re - list of JavaScript compatible regular expressions to display only the value for matching labels; all regexes will be automatically anchored.

address - Hostname or IP to listen on.

port - HTTP port to listen on.

timeout:read - HTTP server request read timeout

timeout:write - HTTP server response write timeout

prefix - URL root for karma, you can use to if you wish to serve it from location other than /. This option is mostly useful when using karma behind reverse proxy with other services on the same IP but different URL root.

tls:cert - path to a TLS certificate, enables listening on HTTPS instead of HTTP,

tls:key - path to a TLS key, required when tls.cert is set

cors:allowedOrigins - List of origins a cross-domain request can be executed from. An empty list means all origins are allowed.

config - if set to true karma will log used configuration on startup

level - log level to set for karma, possible values are debug, info, warning, error, fatal and panic.

format - controls how log messages are formatted, possible values are text and json. If set to json each log will be a JSON object

requests - if set to true karma will log all requests

timestamp - if set to true all log messages will include a timestamp

expired - controls how long expired silences are shown on active alerts. If expired is set to 5m silences expired in the last 5 minutes will be shown. Set it to zero or a negative value to disable showing expired silences.

comments:linkDetect:rules - allows to specify a list of rules to detect links inside silence comments. It’s intended to find ticket system ID strings and turn them into links. Each rule must specify:

keep - list of receivers name that are allowed, if empty all receivers are allowed.

strip - list of receiver names that will not be shown in the UI.