Why Siren Uses Email for Alert Ingestion

Most incident management platforms want you to install their integration, configure their webhook, manage their API keys. Then do it again for every monitoring tool you use.

Siren takes a different approach: send us an email.

How It Works

Every service you create in Siren gets a unique email address. Point your monitoring tool at it—Datadog, Grafana, CloudWatch, Prometheus Alertmanager, Uptime Kuma, a cron job, anything. When an alert fires and sends an email, Siren creates an incident and pages whoever's on-call.

That's the whole integration.

Why Email?

It already works

Every monitoring tool can send email. It's the lowest common denominator, and that's a feature. You don't need to check if we have an integration with your stack. You don't need to wait for us to build one. If it sends email, it works with Siren today.

Nothing to maintain

Webhooks break. API keys expire. Integration plugins fall behind when either side ships updates. Email just keeps working. You set it once and forget it.

No credentials in your infrastructure

With webhook integrations, you're storing API keys or secrets in your monitoring config. With email, there's nothing to leak, rotate, or manage. Your monitoring tool sends to an email address. That's it.

Works from anywhere

Monitoring in AWS? On-prem? A Raspberry Pi in your closet? Doesn't matter. If it can send email, it can page your team.

Deduplication

Alert storms are real. A flapping monitor can send dozens of emails in minutes. Siren handles this by deduplicating on subject line.

If an incident is already open with that subject, new emails become signals on the existing incident instead of creating new ones. Your team gets paged once, not fifty times.

When the incident is closed, the next email with that subject creates a new incident.

What About Webhooks?

We might add webhook ingestion eventually. But email will always work, and for most teams it's all they need.

The goal is to get your alerts into Siren with the least friction possible. For most monitoring tools, email is already configured and working. Why add complexity?

Getting Started

  1. Sign up at siren.splitrockai.com
  2. Create a service—you'll get a unique email address
  3. Add that address as a notification recipient in your monitoring tool
  4. When an alert fires, we'll call whoever's on-call

No SDK. No API keys. No integration code. Just email.

Get started free

Siren is built by Split Rock AI. Questions? [email protected]