New Relic facet alerts let you create a single alert policy that dynamically triggers for specific combinations of dimension values, rather than needing a separate alert for each dimension.
Let’s see this in action. Imagine you have an application with several microservices, and you want to be alerted if any of those services experience an error rate above 5%.
Here’s a typical NRQL query to get the error rate per service:
SELECT percentage(count(*), WHERE error IS TRUE) FROM TransactionError FACET appName SINCE 1 hour ago
Without facet alerts, you’d have to:
- Run this query and see all your appName values.
- For each appName, create a new alert condition.
- In each of those new conditions, hardcode the appName value (e.g., appName = 'my-service-1').
This quickly becomes unmanageable as your number of services grows.
Facet alerts solve this by allowing you to define a single alert condition that watches for the condition (error rate > 5%) across any value of a specified FACET dimension.
How it Works Internally
When you set up a facet alert, New Relic doesn’t create multiple individual alerts behind the scenes. Instead, it continuously evaluates the NRQL query against incoming data. The crucial difference is how it handles the FACET clause in the alert condition.
Instead of using the FACET clause to group results for display, the alert condition uses it to define the scope of the alert. New Relic monitors the individual series produced by the FACET clause. If any of these individual series violate the alert threshold, a violation is triggered. The violation then includes the specific dimension value that caused it.
Setting Up a Facet Alert
- Navigate to Alerts & AI in your New Relic account.
- Click "New alert policy" or select an existing one.
- Click "Add a condition".
- Choose "NRQL" as the condition type.
- Enter your NRQL query. For our example, it would be:
  SELECT percentage(count(*), WHERE error IS TRUE) FROM TransactionError SINCE 5 minutes ago
  (Note: We’re omitting FACET appName from the initial query here. The FACET dimension is specified in the alert configuration itself.)
- Configure the Alert Details:
  - "Alert condition name": "High Error Rate Per Service"
  - "Alert trigger": "Any instance" (this is key for facet alerts).
  - "Threshold": "5%" (for the error rate).
  - "Duration": "5 minutes" (meaning the error rate must be above 5% for 5 consecutive minutes).
  - Crucially, in the "Advanced options" or a similar section (the UI can vary slightly), you’ll find an option to "Run this query across multiple dimensions" or "Facet by". Select this option and enter appName (or whatever your dimension is, like host, region, environment, etc.).
- Configure Notifications: Set up who gets notified when an alert triggers.
Now, if my-service-1 has an error rate above 5% for 5 minutes, or my-service-2 does, or any other appName does, this single alert policy will trigger, and the notification will tell you which appName is experiencing the high error rate.
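The per-series evaluation described above, modelled in Python as an added example (not New Relic's implementation and not code from the original article). The function name evaluate_facets, the constructed sample tuples, and the rule that a missing minute resets the streak are assumptions.

```python
from collections import defaultdict

THRESHOLD_PCT = 5.0   # "Threshold": 5% error rate, from the condition above
DURATION_MIN = 5      # "Duration": 5 consecutive minutes


def evaluate_facets(samples, threshold=THRESHOLD_PCT, duration=DURATION_MIN):
    """Return {facet_value: minute} for every facet series whose error rate
    stayed above `threshold` for `duration` consecutive minutes.

    samples: iterable of (minute, app_name, total_events, error_events).
    """
    # Split the stream into one series per facet value (one per appName).
    series = defaultdict(dict)
    for minute, app, total, errors in samples:
        series[app][minute] = (total, errors)

    violations = {}
    for app, points in series.items():
        streak, prev_minute = 0, None
        for minute in sorted(points):
            total, errors = points[minute]
            rate = 100.0 * errors / total if total else 0.0
            # Assumption: a missing minute breaks the run of consecutive minutes.
            if prev_minute is not None and minute != prev_minute + 1:
                streak = 0
            streak = streak + 1 if rate > threshold else 0
            prev_minute = minute
            if streak >= duration:
                violations[app] = minute  # minute at which the duration is met
                break
    return violations


# Constructed sample data: (minute, appName, total events, error events)
SAMPLES = (
    [(m, "my-service-1", 200, 14) for m in range(1, 7)]    # 7% every minute
    + [(m, "my-service-2", 200, 4) for m in range(1, 7)]   # 2% every minute
    + [(m, "my-service-3", 100, 1 if m == 3 else 9) for m in range(1, 7)]  # dips at minute 3
)

if __name__ == "__main__":
    for app, minute in evaluate_facets(SAMPLES).items():
        print(f"violation: appName={app} at minute {minute}")
```

Only my-service-1 violates: my-service-3 is above 5% in five of the six minutes, but the dip at minute 3 means it never reaches five consecutive minutes.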
The Mental Model: A Net for Anomalies
Think of it like casting a wide net. The NRQL query defines the type of fish you’re looking for (errors). The FACET dimension is the mesh size – it breaks down the ocean into smaller, manageable pools. The alert condition is the fisherman watching each pool. If any pool has too many of the wrong fish, the alarm sounds, and you know precisely which pool to investigate.
The "Any instance" trigger combined with the "Facet by" dimension is what enables this behavior. New Relic effectively treats each unique value of the appName dimension (e.g., 'my-service-1', 'my-service-2') as a separate "instance" to monitor within the context of this single alert condition.
The most surprising thing about facet alerts is that they don’t create separate underlying alert objects for each facet value. Instead, New Relic’s data processing engine is capable of evaluating the condition against each individual facet series in real-time, making it incredibly efficient for high-cardinality dimensions. This avoids the overhead and management burden of thousands of individual alerts.
This allows you to monitor the health of hundreds or thousands of distinct entities with just a handful of alert policies.
The next concept you’ll want to explore is how to use filter() within NRQL for even more precise targeting within your facet alerts.