Features

One alerting subsystem. Every channel. Every event.

Define delivery channels — email, Microsoft Teams, Slack, or your own webhook — once for the whole organisation, then route platform events to them with scoped rules. Alerts go where your team works, and webhook deliveries plug Cirrova directly into your existing workflow tooling.

Channels — define delivery once.

Reusable named endpoints for every destination your team uses. Email distribution lists. Microsoft Teams Workflows webhooks. Slack incoming webhooks. Your own HTTPS endpoint. Each has a Send test action so you can verify it before wiring it into a rule.

Rules — route events the way you need them.

Match anomaly, budget threshold, and snapshot events to one or more channels. Scope by tenant, subscription, resource group, tag, or specific budget — production into the war-room Slack, sandbox into a low-priority queue, finance budgets to finance.

Custom webhooks — pipe Cirrova into your stack.

Cirrova will POST JSON-encoded events to any HTTPS endpoint you control — signed with HMAC-SHA256, retried on failure, with optional custom headers. Drop them straight into Zapier, ServiceNow, Power Automate, your SIEM, your audit pipeline, or your own internal API.

Delivery history — debug with confidence.

Every delivery attempt is logged: time, channel, originating event, HTTP status, and the failure detail when something goes wrong. The first place to look when an alert didn't arrive — and the audit trail when one did.

Workflow Integration

Plug Cirrova into the tools your business already runs on.

Custom webhook channels deliver Cirrova events as JSON to any HTTPS endpoint — which means you can hand them straight to whatever orchestration, ticketing, or automation platform your organisation has standardised on. No middleware to write, no custom integration to maintain.

  • HMAC-SHA256 signed — every request includes X-Cirrova-Signature so your endpoint can verify authenticity
  • Retried on failure — Cirrova retries non-2xx responses on a documented schedule across 7 attempts
  • Stable event IDs — the same eventId on every retry, so receivers can de-duplicate
  • Custom headers — add the auth header or routing tag your endpoint expects
Read the integration spec
DROP CIRROVA EVENTS INTO…
Zapier
Catch hooks & trigger Zaps
ServiceNow
Auto-open ITSM tickets
Power Platform
Power Automate flows
PagerDuty
On-call paging
PSA / RMM tools
For MSP workflows
Your own systems
SIEM, audit, internal API
Event Types

Four platform events. One routing model.

Every alert in Cirrova is one of these four event types. Rules subscribe by event type and channels receive whatever the rules dispatch.

Anomaly detected

A new cost anomaly has been raised on a resource — with severity, baseline, and the magnitude of change.

Anomaly resolved

A previously-detected anomaly has resolved — costs have returned to baseline.

Budget threshold crossed

A budget's spend has crossed one of its configured thresholds — 50%, 75%, 90%, or 100%.

Snapshot failed

A data collection run failed during post-processing — the absence of fresh data is otherwise easy to miss.

Related Features

Alerting works alongside these.

Anomaly Detection

The detector that raises anomaly events for rules to route.
Budget Management

Threshold breaches feed straight into alerting rules.
Multi-Organisation

Each organisation defines its own channels and rules — fully isolated.

Pipe every cost event into the tooling you already use.

Centralised channels and rules, signed webhooks, and zero middleware required.

Start Free Trial Book a Demo