{"id":5652,"date":"2026-03-29T00:04:57","date_gmt":"2026-03-28T18:34:57","guid":{"rendered":"https:\/\/blog.spike.sh\/?p=5652"},"modified":"2026-03-29T00:15:05","modified_gmt":"2026-03-28T18:45:05","slug":"alert-routing-setup-that-never-misses-critical-incidents","status":"publish","type":"post","link":"https:\/\/blog.spike.sh\/alert-routing-setup-that-never-misses-critical-incidents\/","title":{"rendered":"Building an Alert Routing setup that never misses a critical incident"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/spike.sh\/glossary\/critical-incident\/\">Critical incidents<\/a> have a direct impact on your business revenue and the trust your customers place in you. The longer a critical incident goes unnoticed, the higher the stakes. A reliable alert routing setup automatically catches these incidents the moment they trigger and gets them to the right person without delay.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">This guide walks you through how to build that reliable routing setup. You&#8217;ll find suggestions on defining what counts as a critical incident, spotting the gaps in routing setup, and closing them before they cause real damage.<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\"><strong>If you\u2019re new to Alert Routing, we recommend you start here: <a href=\"https:\/\/spike.sh\/blog\/how-to-set-up-incident-alert-routing-rules-effectively\/\">How to set up Incident Alert Routing rules effectively<\/a><\/strong><\/p>\n<\/blockquote>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Table of contents<\/strong><\/p>\n\n\n\n<nav aria-label=\"Table of Contents\" class=\"wp-block-table-of-contents\"><ol><li><a class=\"wp-block-table-of-contents__entry\" href=\"https:\/\/blog.spike.sh\/alert-routing-setup-that-never-misses-critical-incidents\/#define-what-critical-means-for-your-business\">Define what &#8220;critical&#8221; means for your business<\/a><\/li><li><a class=\"wp-block-table-of-contents__entry\" href=\"https:\/\/blog.spike.sh\/alert-routing-setup-that-never-misses-critical-incidents\/#start-with-two-escalation-policies\">Start with two escalation policies<\/a><\/li><li><a class=\"wp-block-table-of-contents__entry\" href=\"https:\/\/blog.spike.sh\/alert-routing-setup-that-never-misses-critical-incidents\/#routing-your-critical-incidents\">Routing your critical incidents<\/a><ol><li><a class=\"wp-block-table-of-contents__entry\" href=\"https:\/\/blog.spike.sh\/alert-routing-setup-that-never-misses-critical-incidents\/#service-and-infrastructure-failures\">Service and infrastructure failures<\/a><\/li><li><a class=\"wp-block-table-of-contents__entry\" href=\"https:\/\/blog.spike.sh\/alert-routing-setup-that-never-misses-critical-incidents\/#security-and-compliance-signals\">Security and compliance signals<\/a><\/li><li><a class=\"wp-block-table-of-contents__entry\" href=\"https:\/\/blog.spike.sh\/alert-routing-setup-that-never-misses-critical-incidents\/#business-critical-thresholds\">Business-critical thresholds<\/a><\/li><li><a class=\"wp-block-table-of-contents__entry\" href=\"https:\/\/blog.spike.sh\/alert-routing-setup-that-never-misses-critical-incidents\/#cascading-failures\">Cascading failures<\/a><\/li><\/ol><\/li><li><a class=\"wp-block-table-of-contents__entry\" href=\"https:\/\/blog.spike.sh\/alert-routing-setup-that-never-misses-critical-incidents\/#3-ways-critical-incidents-slip-through-your-routing-setup-and-how-to-fix-them\">3 ways critical incidents slip through your routing setup (and how to fix them)<\/a><ol><li><a class=\"wp-block-table-of-contents__entry\" href=\"https:\/\/blog.spike.sh\/alert-routing-setup-that-never-misses-critical-incidents\/#1-no-rule-matches-the-incident\">1. No rule matches the incident<\/a><\/li><li><a class=\"wp-block-table-of-contents__entry\" href=\"https:\/\/blog.spike.sh\/alert-routing-setup-that-never-misses-critical-incidents\/#2-a-suppression-rule-is-too-broad\">2. A suppression rule is too broad<\/a><\/li><li><a class=\"wp-block-table-of-contents__entry\" href=\"https:\/\/blog.spike.sh\/alert-routing-setup-that-never-misses-critical-incidents\/#3-payload-changes-silently-break-rules\">3. Payload changes silently break rules<\/a><\/li><\/ol><\/li><li><a class=\"wp-block-table-of-contents__entry\" href=\"https:\/\/blog.spike.sh\/alert-routing-setup-that-never-misses-critical-incidents\/#faqs\">FAQs<\/a><\/li><\/ol><\/nav>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 id=\"define-what-critical-means-for-your-business\" class=\"wp-block-heading\">Define what &#8220;critical&#8221; means for your business<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Without a clear definition of what counts as critical in your system, your routing rules have nothing reliable to act on.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The simplest way to get that definition is to ask yourself one question: <strong>which incident would wake you up at 3 AM?<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The answer is different depending on what your business does. For a logistics platform, it might be the fleet tracking service going silent. For a financial platform, it might be a reconciliation job failing mid-run.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Once you write those incidents down, you can recognize patterns in their payloads. A few things worth looking for:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Service names that point to revenue-critical or customer-facing systems<\/li>\n\n\n\n<li>Keywords that signal severity: <code>replication_failed<\/code>, <code>data_loss<\/code>, <code>quorum_lost<\/code>, <code>breach<\/code><\/li>\n\n\n\n<li>Numeric thresholds like error rates crossing a percentage or queue depth beyond a set limit<\/li>\n\n\n\n<li>Customer context such as an enterprise tenant or a high-value region in the payload details<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Those patterns are what you&#8217;ll translate into routing rules.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 id=\"start-with-two-escalation-policies\" class=\"wp-block-heading\">Start with two escalation policies<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Before writing any routing rules, it helps to have two <a href=\"https:\/\/spike.sh\/blog\/what-is-an-escalation-policy\/\">escalation policies<\/a> ready: one for critical incidents and one for everything else. Your routing rules then simply decide which of the two loads for each incoming incident.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The critical policy is where speed matters. An immediate phone call to the on-call responder works well here. If there&#8217;s no acknowledgement, the incident escalates to a secondary responder within five minutes.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The default policy can be less aggressive. A push notification or Slack message with a longer wait before escalation often does the job.<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\"><strong>To learn how to set up a critical escalation policy, read this: <a href=\"https:\/\/spike.sh\/blog\/escalation-policy-for-critical-incidents\/\">Escalation policy for critical incidents<\/a><\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>To learn how to set up a default escalation policy, read this: <a href=\"https:\/\/spike.sh\/blog\/escalation-policy-for-low-priority-incidents\/\">Escalation policy for low-priority incidents<\/a><\/strong><\/p>\n<\/blockquote>\n\n\n\n<p class=\"wp-block-paragraph\">As your routing rules mature, you can add more specific policies by team or service. But these two are a good starting point that gives you a clear view of what&#8217;s routing to critical and what isn&#8217;t.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 id=\"routing-your-critical-incidents\" class=\"wp-block-heading\">Routing your critical incidents<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">With your escalation policies in place, the next step is setting up routing rules that catch your critical incidents and load the right policy. Below are a few common types of critical incidents and how to write rules around each one.<\/p>\n\n\n\n<h3 id=\"service-and-infrastructure-failures\" class=\"wp-block-heading\">Service and infrastructure failures<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Infrastructure failures are often the clearest candidates for critical routing because the impact is immediate. A primary Postgres instance running out of connections in production is worth a phone call. The same thing in staging probably isn&#8217;t.<\/p>\n\n\n<div class=\"wp-block-code\">\n\t<div class=\"cm-editor\">\n\t\t<div class=\"cm-scroller\">\n\t\t\t\n<pre>\n<code><div class=\"cm-line\">IF   title contains &quot;postgres-primary&quot;<\/div><div class=\"cm-line\">AND  incident details [key: &quot;error&quot;] = &quot;max_connections_exceeded&quot;<\/div><div class=\"cm-line\">AND  incident details [key: &quot;env&quot;] = &quot;production&quot;<\/div><div class=\"cm-line\"><\/div><div class=\"cm-line\">THEN mark severity as SEV-1<\/div><div class=\"cm-line\">AND  mark priority as P1<\/div><div class=\"cm-line\">AND  load \u2192 critical escalation policy<\/div><\/code><\/pre>\n\t\t<\/div>\n\t<\/div>\n<\/div>\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1017\" height=\"267\" data-attachment-id=\"5659\" data-permalink=\"https:\/\/blog.spike.sh\/alert-routing-setup-that-never-misses-critical-incidents\/image-1-4\/\" data-orig-file=\"https:\/\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/image-1-2.png\" data-orig-size=\"1017,267\" data-comments-opened=\"1\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"image-1\" data-image-description=\"\" data-image-caption=\"\" data-large-file=\"https:\/\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/image-1-2.png\" src=\"https:\/\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/image-1-2.png\" alt=\"Alert Rule created on Spike\" class=\"wp-image-5659\" srcset=\"https:\/\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/image-1-2.png 1017w, https:\/\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/image-1-2-300x79.png 300w, https:\/\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/image-1-2-768x202.png 768w\" sizes=\"auto, (max-width: 1017px) 100vw, 1017px\" \/><figcaption class=\"wp-element-caption\">Alert Rule created on <a href=\"https:\/\/spike.sh\" type=\"link\" id=\"spike.sh\">Spike<\/a><\/figcaption><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">Kubernetes node failures follow a similar pattern. A single node going <code>NotReady<\/code> in a large cluster is manageable. Three or more nodes going <code>NotReady<\/code> at the same time is worth escalating immediately.<\/p>\n\n\n<div class=\"wp-block-code\">\n\t<div class=\"cm-editor\">\n\t\t<div class=\"cm-scroller\">\n\t\t\t\n<pre>\n<code><div class=\"cm-line\">IF   title contains &quot;k8s-node-monitor&quot;<\/div><div class=\"cm-line\">AND  incident details [key: &quot;status&quot;] = &quot;NotReady&quot;<\/div><div class=\"cm-line\">AND  incident details [key: &quot;nodes_affected&quot;] &gt;= 3<\/div><div class=\"cm-line\"><\/div><div class=\"cm-line\">THEN mark severity as SEV-1<\/div><div class=\"cm-line\">AND  mark priority as P1<\/div><div class=\"cm-line\">AND  load \u2192 critical escalation policy<\/div><\/code><\/pre>\n\t\t<\/div>\n\t<\/div>\n<\/div>\n\n\n<h3 id=\"security-and-compliance-signals\" class=\"wp-block-heading\">Security and compliance signals<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Security incidents usually warrant their own escalation path regardless of which service reports them. An unauthorised access elevation or an unexpected root login is critical, no matter where it comes from.<\/p>\n\n\n<div class=\"wp-block-code\">\n\t<div class=\"cm-editor\">\n\t\t<div class=\"cm-scroller\">\n\t\t\t\n<pre>\n<code><div class=\"cm-line\">IF   incident details [key: &quot;event_type&quot;] = &quot;unauthorised_access_elevation&quot;<\/div><div class=\"cm-line\">OR   incident details [key: &quot;event_type&quot;] = &quot;root_login_detected&quot;<\/div><div class=\"cm-line\">OR   incident details [key: &quot;event_type&quot;] = &quot;permission_rules_changed&quot;<\/div><div class=\"cm-line\"><\/div><div class=\"cm-line\">THEN mark severity as SEV-1<\/div><div class=\"cm-line\">AND  mark priority as P1<\/div><div class=\"cm-line\">AND  load \u2192 security critical escalation policy<\/div><\/code><\/pre>\n\t\t<\/div>\n\t<\/div>\n<\/div>\n\n\n<p class=\"wp-block-paragraph\">Compliance violations often need a more precise rule. A PCI-scoped service logging cardholder data is worth treating as critical straight away. Combining the service name with the specific violation type gives you a reliable match.<\/p>\n\n\n<div class=\"wp-block-code\">\n\t<div class=\"cm-editor\">\n\t\t<div class=\"cm-scroller\">\n\t\t\t\n<pre>\n<code><div class=\"cm-line\">IF   title contains &quot;pci-scoped-service&quot;<\/div><div class=\"cm-line\">AND  incident details [key: &quot;violation_type&quot;] = &quot;cardholder_data_logged&quot;<\/div><div class=\"cm-line\"><\/div><div class=\"cm-line\">OR IF title contains &quot;pci-scoped-service&quot;<\/div><div class=\"cm-line\">AND  incident details [key: &quot;violation_type&quot;] = &quot;unencrypted_pan_detected&quot;<\/div><div class=\"cm-line\"><\/div><div class=\"cm-line\">THEN mark severity as SEV-1<\/div><div class=\"cm-line\">AND  mark priority as P1<\/div><div class=\"cm-line\">AND  load \u2192 compliance critical escalation policy<\/div><\/code><\/pre>\n\t\t<\/div>\n\t<\/div>\n<\/div>\n\n\n<h3 id=\"business-critical-thresholds\" class=\"wp-block-heading\">Business-critical thresholds<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Not every critical incident is a technical failure. Some of the most important signals are business-level thresholds that standard infrastructure monitoring wouldn&#8217;t catch on its own.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">A payment processing queue backing up is worth looking at through two lenses: how deep the queue is and how long the oldest item has been sitting there. A deep queue that&#8217;s moving is less urgent than a shallow one where items are stuck.<\/p>\n\n\n<div class=\"wp-block-code\">\n\t<div class=\"cm-editor\">\n\t\t<div class=\"cm-scroller\">\n\t\t\t\n<pre>\n<code><div class=\"cm-line\">IF   title contains &quot;payment-processing-queue&quot;<\/div><div class=\"cm-line\">AND  incident details [key: &quot;queue_depth&quot;] &gt; 1000<\/div><div class=\"cm-line\">AND  incident details [key: &quot;oldest_item_age_seconds&quot;] &gt; 300<\/div><div class=\"cm-line\"><\/div><div class=\"cm-line\">THEN mark severity as SEV-1<\/div><div class=\"cm-line\">AND  mark priority as P1<\/div><div class=\"cm-line\">AND  load \u2192 payments critical escalation policy<\/div><\/code><\/pre>\n\t\t<\/div>\n\t<\/div>\n<\/div>\n\n\n<p class=\"wp-block-paragraph\"><strong>Customer tier is another useful signal.<\/strong> An API latency spike affecting enterprise customers probably deserves a faster response than the same spike on a free tier.<\/p>\n\n\n<div class=\"wp-block-code\">\n\t<div class=\"cm-editor\">\n\t\t<div class=\"cm-scroller\">\n\t\t\t\n<pre>\n<code><div class=\"cm-line\">IF   title contains &quot;api-gateway&quot;<\/div><div class=\"cm-line\">AND  incident details [key: &quot;p99_latency_ms&quot;] &gt; 3000<\/div><div class=\"cm-line\">AND  incident details [key: &quot;customer_tier&quot;] = &quot;enterprise&quot;<\/div><div class=\"cm-line\"><\/div><div class=\"cm-line\">THEN mark severity as SEV-1<\/div><div class=\"cm-line\">AND  mark priority as P1<\/div><div class=\"cm-line\">AND  load \u2192 enterprise critical escalation policy<\/div><\/code><\/pre>\n\t\t<\/div>\n\t<\/div>\n<\/div>\n\n\n<h3 id=\"cascading-failures\" class=\"wp-block-heading\">Cascading failures<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Cascading failures are harder to catch because no single incident looks critical on its own. <strong>The signal is in the pattern.<\/strong> When multiple related services start reporting errors within a short window, it&#8217;s worth treating that correlation as critical.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">A message broker like RabbitMQ going down is a good example. The broker itself reports connection errors and the services that consume messages from it start failing too. Neither incident alone looks critical but together they point to something worth escalating. A useful approach is to combine title conditions across related services with a frequency threshold.<\/p>\n\n\n<div class=\"wp-block-code\">\n\t<div class=\"cm-editor\">\n\t\t<div class=\"cm-scroller\">\n\t\t\t\n<pre>\n<code><div class=\"cm-line\">IF   title contains &quot;rabbitmq-broker&quot;<\/div><div class=\"cm-line\">AND  incident details [key: &quot;error_type&quot;] = &quot;connection_refused&quot;<\/div><div class=\"cm-line\">AND  incident triggers &gt; 5 times within 10 minutes<\/div><div class=\"cm-line\"><\/div><div class=\"cm-line\">OR IF title contains &quot;event-consumer-service&quot;<\/div><div class=\"cm-line\">AND  incident details [key: &quot;error_type&quot;] = &quot;connection_refused&quot;<\/div><div class=\"cm-line\">AND  incident triggers &gt; 5 times within 10 minutes<\/div><div class=\"cm-line\"><\/div><div class=\"cm-line\">THEN mark severity as SEV-1<\/div><div class=\"cm-line\">AND  mark priority as P1<\/div><div class=\"cm-line\">AND  load \u2192 infrastructure critical escalation policy<\/div><\/code><\/pre>\n\t\t<\/div>\n\t<\/div>\n<\/div>\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"464\" data-attachment-id=\"5660\" data-permalink=\"https:\/\/blog.spike.sh\/alert-routing-setup-that-never-misses-critical-incidents\/image-2-3\/\" data-orig-file=\"https:\/\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/image-2.png\" data-orig-size=\"1038,470\" data-comments-opened=\"1\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"image-2\" data-image-description=\"\" data-image-caption=\"\" data-large-file=\"https:\/\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/image-2-1024x464.png\" src=\"https:\/\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/image-2-1024x464.png\" alt=\"Alert Rule created on Spike\" class=\"wp-image-5660\" srcset=\"https:\/\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/image-2-1024x464.png 1024w, https:\/\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/image-2-300x136.png 300w, https:\/\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/image-2-768x348.png 768w, https:\/\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/image-2.png 1038w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\">Alert Rule created on <a href=\"https:\/\/spike.sh\" type=\"link\" id=\"spike.sh\">Spike<\/a><\/figcaption><\/figure>\n\n\n\n<div class=\"wp-block-group has-background has-global-padding is-layout-constrained wp-container-core-group-is-layout-830d1021 wp-block-group-is-layout-constrained\" style=\"border-top-left-radius:9px;border-top-right-radius:9px;border-bottom-left-radius:9px;border-bottom-right-radius:9px;background-color:#becad5;padding-top:var(--wp--preset--spacing--30);padding-right:var(--wp--preset--spacing--40);padding-bottom:var(--wp--preset--spacing--30);padding-left:var(--wp--preset--spacing--40)\">\n<p><strong>Spike\u2019s tip: Use Title Remapper<br \/><br \/><\/strong><strong>When your monitoring tool sends raw error codes (like <code>211007<\/code>\u00a0) as incident titles, it becomes hard to set up routing rules. In such cases, use\u00a0<a href=\"https:\/\/docs.spike.sh\/alerts\/title-remapper\">Spike\u2019s Title Remapper<\/a>\u00a0to set up a template that pulls fields from the payload and turns them into readable titles. So\u00a0<code>211007<\/code>\u00a0becomes something like \u201cDestination not reachable\u201d and writing routing rules around that is much simpler.<\/strong><\/p>\n<\/div>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 id=\"3-ways-critical-incidents-slip-through-your-routing-setup-and-how-to-fix-them\" class=\"wp-block-heading\">3 ways critical incidents slip through your routing setup (and how to fix them)<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Even a well-built routing setup can sometimes have gaps. These are the three common ways critical incidents get missed and how to fix them.<\/p>\n\n\n\n<h3 id=\"1-no-rule-matches-the-incident\" class=\"wp-block-heading\">1. No rule matches the incident<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">When an incident doesn&#8217;t match any routing rule, it falls to the default policy. The default policy sends a Slack message or a push notification, and responders treat those as non-critical by default. So even if the incident is genuinely critical, nobody acts on it with urgency because the delivery channel itself signals low priority.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">This gap usually shows up when new services get added without corresponding routing rules. <strong>The fix is to review your default queue regularly.<\/strong> Any critical incident landing there is a signal that your rules have a gap worth closing. Once you spot these patterns, you can write a new rule to route that type of incident to the critical policy going forward.<\/p>\n\n\n\n<h3 id=\"2-a-suppression-rule-is-too-broad\" class=\"wp-block-heading\">2. A suppression rule is too broad<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Suppression rules help with <a href=\"https:\/\/spike.sh\/glossary\/noise-reduction\/\">noise reduction<\/a> but they can quietly absorb critical incidents when written too broadly. A rule that auto-resolves everything from a noisy service will also suppress a genuine critical incident from that same service.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>The fix is to make your suppression rules more specific.<\/strong> Instead of suppressing all incidents from a service, add conditions that only suppress when the values are clearly non-critical.<\/p>\n\n\n<div class=\"wp-block-code\">\n\t<div class=\"cm-editor\">\n\t\t<div class=\"cm-scroller\">\n\t\t\t\n<pre>\n<code><div class=\"cm-line\">IF   title contains &quot;worker-nodes&quot;<\/div><div class=\"cm-line\">AND  incident details [key: &quot;cpu_pct&quot;] &lt; 85<\/div><div class=\"cm-line\">AND  incident details [key: &quot;env&quot;] != &quot;production&quot;<\/div><div class=\"cm-line\"><\/div><div class=\"cm-line\">THEN auto-resolve<\/div><\/code><\/pre>\n\t\t<\/div>\n\t<\/div>\n<\/div>\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"258\" data-attachment-id=\"5663\" data-permalink=\"https:\/\/blog.spike.sh\/alert-routing-setup-that-never-misses-critical-incidents\/image-3-4\/\" data-orig-file=\"https:\/\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/image-3.png\" data-orig-size=\"1024,258\" data-comments-opened=\"1\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"image-3\" data-image-description=\"\" data-image-caption=\"\" data-large-file=\"https:\/\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/image-3.png\" src=\"https:\/\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/image-3.png\" alt=\"Alert Rule created on Spike\" class=\"wp-image-5663\" srcset=\"https:\/\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/image-3.png 1024w, https:\/\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/image-3-300x76.png 300w, https:\/\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/image-3-768x194.png 768w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\">Alert Rule created on <a href=\"https:\/\/spike.sh\" type=\"link\" id=\"spike.sh\">Spike<\/a><\/figcaption><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">This rule auto-resolves only when the CPU is below 85% and the environment is not production. Anything above that threshold or from production still routes normally. Whenever you write a suppression rule, it&#8217;s a good idea to add an explicit exemption for production or customer-facing services.<\/p>\n\n\n\n<h3 id=\"3-payload-changes-silently-break-rules\" class=\"wp-block-heading\">3. Payload changes silently break rules<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">A monitoring tool upgrade or a configuration change can alter the payload format without any visible warning. A rule matching on <code>incident details [key: \"error_code\"]<\/code> will stop firing if the tool starts sending that field as <code>incident details [key: \"errorCode\"]<\/code> instead. Everything looks fine on the surface but incidents stop routing correctly.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>The most practical fix is to keep a reference payload sample for each integration alongside your rules.<\/strong> When a rule stops firing as expected, then comparing the live payload against your reference is usually the fastest way to spot the mismatch. It can also be helpful to review your routing rules after any tool upgrade as part of your post-upgrade checklist.<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\"><strong>For a deeper look at building reliable payload-based routing rules, check out this guide: <a href=\"https:\/\/spike.sh\/blog\/alert-routing-based-on-incident-payload\/\">How to route incidents based on what their payload says<\/a><\/strong><\/p>\n<\/blockquote>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p class=\"wp-block-paragraph\">Critical incidents will always be high-stakes. A routing setup that never misses them isn&#8217;t something you build once and forget about. It grows alongside your system. New services get added, payloads change, and your definition of critical evolves as your business does. But the foundation stays the same: clear rules, the right escalation policies, and regular check-ins on what&#8217;s landing in your default queue. Get that right and your team can trust that every critical incident reaches the right person at the right time.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">If you&#8217;re ready to set up routing rules, <a href=\"http:\/\/spike.sh\">Spike<\/a> is a good place to start. It has got everything you need to build a routing setup that never misses a critical incident.<\/p>\n\n\n\n<div class=\"wp-block-buttons is-content-justification-center is-layout-flex wp-container-core-buttons-is-layout-ee856660 wp-block-buttons-is-layout-flex\">\n<div class=\"wp-block-button\"><a class=\"wp-block-button__link has-midnight-gradient-background has-background wp-element-button\" href=\"https:\/\/app.spike.sh\/signup\" style=\"border-top-left-radius:9px;border-top-right-radius:9px;border-bottom-left-radius:9px;border-bottom-right-radius:9px\">Try Spike for free \u2192<\/a><\/div>\n<\/div>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 id=\"faqs\" class=\"wp-block-heading\">FAQs<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>How do you keep your definition of critical up to date as your system grows?<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The definition you start with will change. New services get launched and existing ones become more or less important over time. A good practice is to revisit the &#8220;which incident would wake you up at 3 AM&#8221; question every few months, especially after major launches or architecture changes. Post-incident reviews also surface useful signals. If your team keeps manually re-routing incidents to the critical policy, then your definition has probably shifted and your rules need to reflect that.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>What&#8217;s the right way to handle critical incidents that only affect a single customer?<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">It depends on who that customer is. If your payload includes a customer tier or account identifier, then you can write rules that treat incidents differently based on that context. An API failure affecting an enterprise customer with an SLA probably deserves the critical policy. The same failure on a free-tier account might be fine in default. The key is having that customer context available in the payload so your rules can act on it.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>What&#8217;s the best way to handle critical incidents from a third-party service you don&#8217;t control?<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Third-party services can fail in ways you can&#8217;t predict and their payloads are often less structured than your internal tools. The most reliable approach is to route based on the impact rather than the error itself. If your payment provider goes down, the incident that matters is &#8220;checkout is broken,&#8221; not the specific error code the provider sent. Writing rules around the downstream effect on your own services usually gives you a more stable match than trying to parse a third-party payload that could change without notice.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Critical incidents need to reach the right person the moment they trigger. This guide covers how to set up an alert routing system that make sure they always do.<\/p>\n","protected":false},"author":263547072,"featured_media":5665,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_import_markdown_pro_load_document_selector":0,"_import_markdown_pro_submit_text_textarea":"","_lmt_disableupdate":"","_lmt_disable":"","_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_feature_clip_id":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":true,"token":"eyJpbWciOiJodHRwczpcL1wvYmxvZy5zcGlrZS5zaFwvd3AtY29udGVudFwvdXBsb2Fkc1wvMjAyNlwvMDNcL09wc0dlbmllLVNodXRkb3duXy1FdmVyeXRoaW5nLVlvdS1OZWVkLVRvLUtub3ctNS0xMDI0eDU1NS5wbmciLCJ0eHQiOiJCdWlsZGluZyBhbiBBbGVydCBSb3V0aW5nIHNldHVwIHRoYXQgbmV2ZXIgbWlzc2VzIGEgY3JpdGljYWwgaW5jaWRlbnQiLCJ0ZW1wbGF0ZSI6ImhpZ2h3YXkiLCJmb250IjoiIiwiYmxvZ19pZCI6MjMzMTM4OTAwfQ.ytQomQgCHC02uDb5fo4-bmiEla7HWVivkyt46mO83hEMQ"},"version":2},"_wpas_customize_per_network":false,"jetpack_post_was_ever_published":false},"categories":[1467],"tags":[],"class_list":["post-5652","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-guides"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.7 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Building an Alert Routing setup that never misses a critical incident<\/title>\n<meta name=\"description\" content=\"Learn how to build an alert routing setup that catches every critical incident and gets it to the right person without delay.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.spike.sh\/alert-routing-setup-that-never-misses-critical-incidents\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Building an Alert Routing setup that never misses a critical incident\" \/>\n<meta property=\"og:description\" content=\"Learn how to build an alert routing setup that catches every critical incident and gets it to the right person without delay.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/blog.spike.sh\/alert-routing-setup-that-never-misses-critical-incidents\/\" \/>\n<meta property=\"og:site_name\" content=\"Spike&#039;s blog\" \/>\n<meta property=\"article:published_time\" content=\"2026-03-28T18:34:57+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-03-28T18:45:05+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-5.png\" \/>\n\t<meta property=\"og:image:width\" content=\"2080\" \/>\n\t<meta property=\"og:image:height\" content=\"1128\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Sreekar\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Sreekar\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"9 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/blog.spike.sh\\\/alert-routing-setup-that-never-misses-critical-incidents\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/blog.spike.sh\\\/alert-routing-setup-that-never-misses-critical-incidents\\\/\"},\"author\":{\"name\":\"Sreekar\",\"@id\":\"https:\\\/\\\/blog.spike.sh\\\/#\\\/schema\\\/person\\\/eb31f40342cbe6a94ef67a1c0bf20923\"},\"headline\":\"Building an Alert Routing setup that never misses a critical incident\",\"datePublished\":\"2026-03-28T18:34:57+00:00\",\"dateModified\":\"2026-03-28T18:45:05+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/blog.spike.sh\\\/alert-routing-setup-that-never-misses-critical-incidents\\\/\"},\"wordCount\":1799,\"commentCount\":0,\"image\":{\"@id\":\"https:\\\/\\\/blog.spike.sh\\\/alert-routing-setup-that-never-misses-critical-incidents\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/blog.spike.sh\\\/wp-content\\\/uploads\\\/2026\\\/03\\\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-5.png\",\"articleSection\":[\"Guides\"],\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/blog.spike.sh\\\/alert-routing-setup-that-never-misses-critical-incidents\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/blog.spike.sh\\\/alert-routing-setup-that-never-misses-critical-incidents\\\/\",\"url\":\"https:\\\/\\\/blog.spike.sh\\\/alert-routing-setup-that-never-misses-critical-incidents\\\/\",\"name\":\"Building an Alert Routing setup that never misses a critical incident\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/blog.spike.sh\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/blog.spike.sh\\\/alert-routing-setup-that-never-misses-critical-incidents\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/blog.spike.sh\\\/alert-routing-setup-that-never-misses-critical-incidents\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/blog.spike.sh\\\/wp-content\\\/uploads\\\/2026\\\/03\\\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-5.png\",\"datePublished\":\"2026-03-28T18:34:57+00:00\",\"dateModified\":\"2026-03-28T18:45:05+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/blog.spike.sh\\\/#\\\/schema\\\/person\\\/eb31f40342cbe6a94ef67a1c0bf20923\"},\"description\":\"Learn how to build an alert routing setup that catches every critical incident and gets it to the right person without delay.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/blog.spike.sh\\\/alert-routing-setup-that-never-misses-critical-incidents\\\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/blog.spike.sh\\\/alert-routing-setup-that-never-misses-critical-incidents\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/blog.spike.sh\\\/alert-routing-setup-that-never-misses-critical-incidents\\\/#primaryimage\",\"url\":\"https:\\\/\\\/blog.spike.sh\\\/wp-content\\\/uploads\\\/2026\\\/03\\\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-5.png\",\"contentUrl\":\"https:\\\/\\\/blog.spike.sh\\\/wp-content\\\/uploads\\\/2026\\\/03\\\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-5.png\",\"width\":2080,\"height\":1128},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/blog.spike.sh\\\/alert-routing-setup-that-never-misses-critical-incidents\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/blog.spike.sh\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Building an Alert Routing setup that never misses a critical incident\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/blog.spike.sh\\\/#website\",\"url\":\"https:\\\/\\\/blog.spike.sh\\\/\",\"name\":\"Spike&#039;s blog\",\"description\":\"Learnings and opinions in a changing world\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/blog.spike.sh\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/blog.spike.sh\\\/#\\\/schema\\\/person\\\/eb31f40342cbe6a94ef67a1c0bf20923\",\"name\":\"Sreekar\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/cb2a2f53f3fd9e9619b7d3aaca20588e6101b5d239f52e0137823bd5d6cd0941?s=96&d=robohash&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/cb2a2f53f3fd9e9619b7d3aaca20588e6101b5d239f52e0137823bd5d6cd0941?s=96&d=robohash&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/cb2a2f53f3fd9e9619b7d3aaca20588e6101b5d239f52e0137823bd5d6cd0941?s=96&d=robohash&r=g\",\"caption\":\"Sreekar\"},\"url\":\"https:\\\/\\\/blog.spike.sh\\\/author\\\/sreekar98\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Building an Alert Routing setup that never misses a critical incident","description":"Learn how to build an alert routing setup that catches every critical incident and gets it to the right person without delay.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.spike.sh\/alert-routing-setup-that-never-misses-critical-incidents\/","og_locale":"en_GB","og_type":"article","og_title":"Building an Alert Routing setup that never misses a critical incident","og_description":"Learn how to build an alert routing setup that catches every critical incident and gets it to the right person without delay.","og_url":"https:\/\/blog.spike.sh\/alert-routing-setup-that-never-misses-critical-incidents\/","og_site_name":"Spike&#039;s blog","article_published_time":"2026-03-28T18:34:57+00:00","article_modified_time":"2026-03-28T18:45:05+00:00","og_image":[{"width":2080,"height":1128,"url":"https:\/\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-5.png","type":"image\/png"}],"author":"Sreekar","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Sreekar","Estimated reading time":"9 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/blog.spike.sh\/alert-routing-setup-that-never-misses-critical-incidents\/#article","isPartOf":{"@id":"https:\/\/blog.spike.sh\/alert-routing-setup-that-never-misses-critical-incidents\/"},"author":{"name":"Sreekar","@id":"https:\/\/blog.spike.sh\/#\/schema\/person\/eb31f40342cbe6a94ef67a1c0bf20923"},"headline":"Building an Alert Routing setup that never misses a critical incident","datePublished":"2026-03-28T18:34:57+00:00","dateModified":"2026-03-28T18:45:05+00:00","mainEntityOfPage":{"@id":"https:\/\/blog.spike.sh\/alert-routing-setup-that-never-misses-critical-incidents\/"},"wordCount":1799,"commentCount":0,"image":{"@id":"https:\/\/blog.spike.sh\/alert-routing-setup-that-never-misses-critical-incidents\/#primaryimage"},"thumbnailUrl":"https:\/\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-5.png","articleSection":["Guides"],"inLanguage":"en-GB","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/blog.spike.sh\/alert-routing-setup-that-never-misses-critical-incidents\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/blog.spike.sh\/alert-routing-setup-that-never-misses-critical-incidents\/","url":"https:\/\/blog.spike.sh\/alert-routing-setup-that-never-misses-critical-incidents\/","name":"Building an Alert Routing setup that never misses a critical incident","isPartOf":{"@id":"https:\/\/blog.spike.sh\/#website"},"primaryImageOfPage":{"@id":"https:\/\/blog.spike.sh\/alert-routing-setup-that-never-misses-critical-incidents\/#primaryimage"},"image":{"@id":"https:\/\/blog.spike.sh\/alert-routing-setup-that-never-misses-critical-incidents\/#primaryimage"},"thumbnailUrl":"https:\/\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-5.png","datePublished":"2026-03-28T18:34:57+00:00","dateModified":"2026-03-28T18:45:05+00:00","author":{"@id":"https:\/\/blog.spike.sh\/#\/schema\/person\/eb31f40342cbe6a94ef67a1c0bf20923"},"description":"Learn how to build an alert routing setup that catches every critical incident and gets it to the right person without delay.","breadcrumb":{"@id":"https:\/\/blog.spike.sh\/alert-routing-setup-that-never-misses-critical-incidents\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.spike.sh\/alert-routing-setup-that-never-misses-critical-incidents\/"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/blog.spike.sh\/alert-routing-setup-that-never-misses-critical-incidents\/#primaryimage","url":"https:\/\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-5.png","contentUrl":"https:\/\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-5.png","width":2080,"height":1128},{"@type":"BreadcrumbList","@id":"https:\/\/blog.spike.sh\/alert-routing-setup-that-never-misses-critical-incidents\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/blog.spike.sh\/"},{"@type":"ListItem","position":2,"name":"Building an Alert Routing setup that never misses a critical incident"}]},{"@type":"WebSite","@id":"https:\/\/blog.spike.sh\/#website","url":"https:\/\/blog.spike.sh\/","name":"Spike&#039;s blog","description":"Learnings and opinions in a changing world","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.spike.sh\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"Person","@id":"https:\/\/blog.spike.sh\/#\/schema\/person\/eb31f40342cbe6a94ef67a1c0bf20923","name":"Sreekar","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/secure.gravatar.com\/avatar\/cb2a2f53f3fd9e9619b7d3aaca20588e6101b5d239f52e0137823bd5d6cd0941?s=96&d=robohash&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/cb2a2f53f3fd9e9619b7d3aaca20588e6101b5d239f52e0137823bd5d6cd0941?s=96&d=robohash&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/cb2a2f53f3fd9e9619b7d3aaca20588e6101b5d239f52e0137823bd5d6cd0941?s=96&d=robohash&r=g","caption":"Sreekar"},"url":"https:\/\/blog.spike.sh\/author\/sreekar98\/"}]}},"modified_by":"Sreekar","jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-5.png","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pfMe4Q-1ta","jetpack-related-posts":[{"id":5468,"url":"https:\/\/blog.spike.sh\/turning-team-knowledge-into-alert-routing-rules\/","url_meta":{"origin":5652,"position":0},"title":"Turning team knowledge into Alert Routing rules","author":"Sreekar","date":"12th March, 2026","format":false,"excerpt":"Your team knows incidents inside out. This guide walks you through four ways to build Alert Routing rules from that knowledge.","rel":"","context":"In &quot;Guides&quot;","block_context":{"text":"Guides","link":"https:\/\/blog.spike.sh\/category\/guides\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-1.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-1.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-1.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-1.png?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-1.png?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-1.png?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":5797,"url":"https:\/\/blog.spike.sh\/how-to-reduce-alert-noise\/","url_meta":{"origin":5652,"position":1},"title":"How to reduce alert noise without missing what matters","author":"Sreekar","date":"6th May, 2026","format":false,"excerpt":"This guide covers what counts as alert noise and how to reduce it automatically. It also walks through keeping critical incidents loud enough that your team never misses them.","rel":"","context":"In &quot;Guides&quot;","block_context":{"text":"Guides","link":"https:\/\/blog.spike.sh\/category\/guides\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blog.spike.sh\/wp-content\/uploads\/2026\/05\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-1.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blog.spike.sh\/wp-content\/uploads\/2026\/05\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-1.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blog.spike.sh\/wp-content\/uploads\/2026\/05\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-1.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blog.spike.sh\/wp-content\/uploads\/2026\/05\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-1.png?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blog.spike.sh\/wp-content\/uploads\/2026\/05\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-1.png?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/blog.spike.sh\/wp-content\/uploads\/2026\/05\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-1.png?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":5449,"url":"https:\/\/blog.spike.sh\/how-to-set-up-incident-alert-routing-rules-effectively\/","url_meta":{"origin":5652,"position":2},"title":"How to set up Incident Alert Routing rules effectively","author":"Sreekar","date":"11th March, 2026","format":false,"excerpt":"A well set-up alert routing system means your team only sees what actually needs attention. This guide covers the three conditions that drive an effective routing setup and how to use each one.","rel":"","context":"In &quot;Guides&quot;","block_context":{"text":"Guides","link":"https:\/\/blog.spike.sh\/category\/guides\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-2.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-2.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-2.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-2.png?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-2.png?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-2.png?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":5605,"url":"https:\/\/blog.spike.sh\/alert-routing-based-on-incident-payload\/","url_meta":{"origin":5652,"position":3},"title":"How to route incidents based on what their payload says","author":"Sreekar","date":"26th March, 2026","format":false,"excerpt":"Every incident payload carries signals worth acting on. This guide covers how to read those signals and use them to set severity, load the right escalation policy, and reduce noise automatically.","rel":"","context":"In &quot;Guides&quot;","block_context":{"text":"Guides","link":"https:\/\/blog.spike.sh\/category\/guides\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-4.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-4.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-4.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-4.png?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-4.png?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-4.png?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":2261,"url":"https:\/\/blog.spike.sh\/introducing-live-call-routing-for-incident-response\/","url_meta":{"origin":5652,"position":4},"title":"Introducing Live Call Routing for Incident Response","author":"Sreekar","date":"16th July, 2025","format":false,"excerpt":"Today, we are introducing Live Call Routing, a direct phone line that connects incoming calls to on-call engineers. It captures human-reported incidents that monitoring tools might miss\u2014closing the loop between automated alerts and real-world observations so nothing falls through the cracks. It helps you respond to critical incidents faster by\u2026","rel":"","context":"In &quot;Announcement&quot;","block_context":{"text":"Announcement","link":"https:\/\/blog.spike.sh\/category\/announcement\/"},"img":{"alt_text":"Blog cover image titled \"Introducing Live Call Routing\"","src":"https:\/\/i0.wp.com\/blog.spike.sh\/wp-content\/uploads\/2025\/07\/Rectangle-Live-Call-Routing.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blog.spike.sh\/wp-content\/uploads\/2025\/07\/Rectangle-Live-Call-Routing.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blog.spike.sh\/wp-content\/uploads\/2025\/07\/Rectangle-Live-Call-Routing.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blog.spike.sh\/wp-content\/uploads\/2025\/07\/Rectangle-Live-Call-Routing.png?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blog.spike.sh\/wp-content\/uploads\/2025\/07\/Rectangle-Live-Call-Routing.png?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/blog.spike.sh\/wp-content\/uploads\/2025\/07\/Rectangle-Live-Call-Routing.png?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":5690,"url":"https:\/\/blog.spike.sh\/severity-and-priority-based-routing\/","url_meta":{"origin":5652,"position":5},"title":"Routing incidents the way their severity and priority demand","author":"Sreekar","date":"29th March, 2026","format":false,"excerpt":"Should this incident get a phone call or a Slack message? Severity and priority answer that question. This guide shows how to build routing rules around both.","rel":"","context":"In &quot;Guides&quot;","block_context":{"text":"Guides","link":"https:\/\/blog.spike.sh\/category\/guides\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-7.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-7.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-7.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-7.png?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-7.png?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/blog.spike.sh\/wp-content\/uploads\/2026\/03\/OpsGenie-Shutdown_-Everything-You-Need-To-Know-7.png?resize=1400%2C800&ssl=1 4x"},"classes":[]}],"_links":{"self":[{"href":"https:\/\/blog.spike.sh\/wp-json\/wp\/v2\/posts\/5652","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.spike.sh\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.spike.sh\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.spike.sh\/wp-json\/wp\/v2\/users\/263547072"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.spike.sh\/wp-json\/wp\/v2\/comments?post=5652"}],"version-history":[{"count":13,"href":"https:\/\/blog.spike.sh\/wp-json\/wp\/v2\/posts\/5652\/revisions"}],"predecessor-version":[{"id":5676,"href":"https:\/\/blog.spike.sh\/wp-json\/wp\/v2\/posts\/5652\/revisions\/5676"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.spike.sh\/wp-json\/wp\/v2\/media\/5665"}],"wp:attachment":[{"href":"https:\/\/blog.spike.sh\/wp-json\/wp\/v2\/media?parent=5652"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.spike.sh\/wp-json\/wp\/v2\/categories?post=5652"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.spike.sh\/wp-json\/wp\/v2\/tags?post=5652"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}