Skip to content

FAQ

Troubleshooting

Alerting

Why did I get one alert and then nothing, even though the same thing keeps happening?

Alert deduplication. By default, the same event from the same rule will not trigger a second alert for 24 hours. This is intentional — it prevents alert storms when a condition persists. If you want more frequent re-notification, lower the dedup window in your alert template settings.

My alert rule is enabled but no emails are arriving. What should I check?

Work through this list:

  1. The alert template attached to the rule must also be enabled.
  2. Confirm the recipient email address is correct in the template.
  3. If the template is in batch mode, emails are held until the batch interval elapses — no email is sent immediately.
  4. Check that the CEL condition in the rule actually matches the events you expect. See CEL rule evaluation.
  5. Check your spam folder — see Email deliverability.

Can I have multiple recipients for an alert?

Yes. In the alert template's destination configuration, specify multiple email addresses.

What is the difference between immediate and batch mode?

  • Immediate — an email is sent as soon as the rule matches an event.
  • Batch — matching events are accumulated over a configurable interval (default: 1 hour) and sent together in a single digest email, up to a maximum batch size.

Batch mode is useful for noisy rules where you want a summary rather than one email per event.

CT-Log monitoring

A certificate was issued for my domain but I didn't see it in NOB.center. Why?

The most common cause is a filter that is too narrow. If your filter pattern is set to exact match, it will only match the exact domain — not subdomains. Switch to wide match to catch all subdomains. Also verify the filter is enabled.

How long does it take for a new certificate to appear after issuance?

CT logs are monitored continuously. Certificates typically appear within a few minutes of being logged.

DNS monitoring

I changed a DNS record but NOB.center didn't detect it. Why?

DNS monitoring checks domains on a scheduled interval (up to once per hour). If the record that changed is not in your monitored record list for that domain, no change will be detected. Enable auto-discovery to have NOB.center automatically track common record types, or add the specific record manually.

Auto-discovery added a record I don't want. Can I remove it?

Yes. Disable or delete the individual record from the domain's record list. Auto-discovery will not re-add a record you have explicitly removed.

RDAP / WHOIS monitoring

RDAP data for my domain looks redacted or shows a privacy proxy. Is that normal?

Yes. Many registrars use privacy protection services that replace registrant contact information with proxy details. This is the registrar's standard behaviour and is reflected accurately in NOB.center. The important thing to monitor is whether the registration status, name servers, or expiry dates change unexpectedly.

RDAP returned no data for my domain. What does that mean?

Some TLDs do not publish RDAP data or use non-standard bootstrap paths. If RDAP fails for your domain, the monitor will record a failed check status. You can still monitor DNS and certificate data for that domain via other modules.

Certificate deployment monitoring

The certificate monitor is failing with a connection error. What should I check?

See TLS and STARTTLS connectivity for a detailed walkthrough.

I'm monitoring an internal server with a self-signed certificate and the monitor keeps failing.

You need to provide the root CA certificate on the monitor. Without it, the TLS handshake will fail because the certificate chain cannot be verified. See the Custom root CA section in Certificate Deployment Monitoring.

Account and billing

I can't create any more monitors / filters / rules. What's wrong?

You have reached your quota limit for that resource type. See Quota limits.

Can I disable a resource to free up a slot for a new one?

Yes. Disabling a resource frees an active slot so you can create a new enabled one. However, the number of disabled resources is also capped at your tier's limit — you cannot park unlimited disabled resources. See Quotas & Limits for the full mechanics.

API

My API request returns 401. What's wrong?

Your token is missing, expired, or revoked. Check that you are passing the full token value in the Authorization: Bearer <token> header. If the token has expired, create a new one or renew it before expiry using the renew endpoint.

My API request returns 403. I have a valid token.

The token does not have the required permission scope for that endpoint. When you created the token, you selected specific scopes — check that the scope needed for the operation is included. Also note that token scopes are an intersection with your role permissions: a scope you selected will still return 403 if your user role does not include that permission.