ShootAlert
Start free

User guide

Everything you need to set up ShootAlert.

Step-by-step instructions for the common workflows add servers, monitor domains, configure alerts, invite teammates. About a 10-minute read.

1. Quick start

ShootAlert watches two things: servers (via a lightweight agent you install on the box) and domains/URLs (probed externally from our infrastructure, no install needed). Get a first signal flowing in five minutes:

  1. 1 Create an account no card needed. You get the Free plan immediately.
  2. 2 Add your domain monitor or server from the sidebar. Each generates a copy-paste command or form.
  3. 3 Add a notification channel (email is on by default Slack, Telegram, SMS, WhatsApp are optional).
  4. 4 That's it. Default alert rules fire on real problems high CPU, disk filling up, MySQL down, monitor failing and arrive with an AI explanation of the likely cause.

2. Monitor a domain

Use this for websites, APIs, or any HTTP/HTTPS endpoint you want pinged from outside. No agent needed we probe from our servers.

Add a monitor

  1. Open Monitors → Add monitor.
  2. Enter a name and the full URL (e.g. https://acme.com/status).
  3. Pick the check interval Free 5 min, Pro 1 min, Business 30 seconds.
  4. Set expected status (defaults to 200) and optionally a keyword that must appear in the response body.
  5. Attach one or more notification channels for this monitor (or rely on org-wide channels).
  6. Save. The first probe runs within a minute.

What gets checked

  • HTTP status response code matches your expected value.
  • Response time recorded in milliseconds, charted on the monitor detail page.
  • Keyword if set, must appear in the first 4 KB of the response body.
  • SSL certificate expiry for https:// URLs, we read the cert and warn 30 / 7 / 0 days before expiry.

The detail page shows a 24-hour response-time chart, uptime % for 24h / 7d, recent probe history, and the SSL countdown. Hit Probe now to trigger an immediate manual check.

3. Servers (Deep Analysis)

Use this when you have a Linux box you want deep metrics from. CPU, memory, disk, network, MySQL, Redis, Nginx, Laravel apps, queue workers.

Step by step

  1. Open Servers (Deep Analysis) → Add server.
  2. Give the server a name (any label that helps you recognise it).
  3. Save. You'll land on the server's detail page with two install tabs.

Install the agent

Requires SSH + root on a Linux box. Works on Ubuntu, Debian, AlmaLinux, Rocky, RHEL, and Amazon Linux. The installer detects your distro and architecture automatically.

  1. Copy the one-line install command from the server's detail page.
  2. SSH into your server.
  3. Paste and run the command.
  4. Wait ~30 seconds. The server's Last seen badge should turn green.
Installed where: /usr/local/bin/shootalert-agent, registered as a systemd service. The agent reads /proc, talks only outbound on HTTPS, and is signed with HMAC.

What the agent collects

  • CPU, RAM, disk, swap, load average, uptime
  • Network in/out per interface
  • MySQL/MariaDB connections, slow queries, query volume (when mysql: block enabled in agent.yml)
  • Per-database size and table count (same flag)
  • Laravel app status: failed/pending jobs, log size, APP_DEBUG flag (when laravel: block enabled in agent.yml)
  • Detected services: Nginx/Apache, MySQL, Redis, Supervisor (refreshed hourly)

4. Track application errors

Catch uncaught exceptions from inside your own application's code — stack trace, breadcrumbs, request context, affected user, and an AI root-cause on every new error. This is separate from servers and monitors: it needs no agent on a box, just a small package installed in your app.

Create an app

  1. Open Errors → New app and give it a name (e.g. my-site — production).
  2. The app's detail page shows a unique SDK key and the install snippet.
  3. Make a separate app per environment (production, staging) so their errors stay in distinct inboxes.

Install the Laravel SDK

On the server where your Laravel app runs:

  1. Run composer require shootalert/shootalert-laravel.
  2. Add SHOOTALERT_ERROR_KEY and SHOOTALERT_ERROR_ENDPOINT to your .env (both shown on the app page).
  3. Add a shootalert channel to your logging stack in config/logging.php — the snippet on the app page has the exact block.
  4. Run php artisan config:clear.
Queue note: errors ship via a queued job so the failing request returns fast. If your app doesn't run a queue worker, set SHOOTALERT_QUEUE_CONNECTION=sync so errors send inline instead of sitting in the queue.

What you get

  • Exceptions grouped by fingerprint (same error from the same line collapses into one group)
  • Full stack trace with your app's own frames highlighted
  • Breadcrumbs: recent log lines + DB queries before the failure
  • Request context (URL, method, route) and affected user count
  • An AI root-cause + suggested fix on each new error group
  • Notifications through your existing channels on first occurrence, threshold spikes, and reopens

Secrets in your .env and request data (passwords, tokens, auth headers) are stripped before anything leaves your server. Triage each group with Acknowledge, Resolve, or Mute from its detail page.

5. Notification channels

Add channels under Notifications → Add channel. After saving you can hit Test to send a synthetic alert and confirm the wiring works.

Email

All plans

Comma-separated recipient list.

Slack

Starter and up

Incoming webhook URL (Slack admin → Apps → Incoming Webhooks).

Telegram

Starter and up

Bot token (from @BotFather) + chat ID (use @userinfobot to find yours).

Webhook

Pro and up

POST endpoint + optional signing secret (we send X-ShootAlert-Signature).

SMS

Pro and up

Twilio Account SID, Auth Token, From number (E.164).

WhatsApp

Business

Twilio WhatsApp credentials + approved sender.

Tip: name channels by their audience (ops-slack, oncall-sms) so you can pick the right one when attaching to a monitor or alert rule.

6. Working with alerts

Default rules fire when something real breaks: server offline, CPU/RAM/disk over threshold, MySQL down, queue workers stalled, log file ballooning, monitor down, SSL expiring. You don't need to configure anything to start receiving them.

Alert lifecycle

  1. Open the alert fires and notifications go out across attached channels.
  2. Acknowledged someone on the team is on it. Stops re-notifying for the same fingerprint.
  3. Resolved issue is fixed. Auto-resolves on its own when the underlying condition clears, or do it manually.

AI diagnosis

Each open alert comes with a probable-cause explanation drawn from the metrics around the failure window. It's a starting point not a substitute for looking at logs. Available on Pro and above (token budget per plan).

7. Team & roles

Invite teammates from Team → Invite. They receive an email with a sign-up link scoped to your organization.

Role Can do
OwnerEverything: servers, monitors, channels, team, billing.
AdminEverything except billing.
MemberRead-only: view dashboards, servers, alerts. Can't change settings.

8. Plans & billing

Each plan caps servers, monitors, channels, alert volume, and minimum check interval. See live numbers and switch under Billing (owners only).

  • Usage vs. limit is displayed at the top of the billing page.
  • Going over a cap shows an inline message at the point of action (e.g. "You've hit the monitor limit") and links to billing.
  • Plan switches in this build apply immediately; in production they're confirmed by a payment webhook.

9. Two-factor authentication

Open Profile and use the Two-factor authentication card, or jump straight to Profile → Security.

  • Authenticator app (recommended) scan a QR with Google Authenticator, 1Password, Authy, Bitwarden, or any RFC 6238 app. Strongest method.
  • Email codes a 6-digit code sent to your account email on each sign-in. Convenient backup.
  • Recovery codes one-time use, generated when you enable 2FA. Store in a password manager. Each works once and can stand in for any other 2FA method.

10. Troubleshooting

Server stays "offline" after install

  • SSH install check the service: systemctl status shootalert-agent. Tail the log: journalctl -u shootalert-agent -f.
  • Cron install run the command manually once and check the output. Common cause: PHP not on the cron $PATH.
  • Firewall the agent only needs outbound HTTPS (port 443) to ShootAlert. No inbound ports.

Monitor stuck on "unknown"

  • First probe runs within a minute of creation. Hit Probe now to force it.
  • Confirm the URL is reachable from the public internet internal-only hostnames won't work.
  • If you set a keyword, make sure it appears in the first 4 KB of the body. Big SPAs often defer content past that.

Notifications not arriving

  • Use the Test button on the channel it sends a synthetic alert and shows the delivery result inline.
  • Email: check spam. Slack: confirm the webhook URL still works (re-create if rotated).
  • Twilio SMS/WhatsApp: verify the From number is verified/enabled in your Twilio console.

"Plan limit reached" when adding things

  • Each plan caps servers / monitors / channels. Check current usage on the Billing page.
  • Either delete unused items or upgrade.

Still stuck?

Drop a note to support@shootalert.com with your organization name and the page you're on. We usually reply within a business day.