What events does the OCI Events service capture?

OCI Events captures resource lifecycle events from nearly every OCI service — Compute (instance start, stop, terminate), Object Storage (object create, update, delete), Networking (VCN, subnet, security list changes), Identity (user, group, policy modifications), Database (DB system state changes), and many more. Each event includes the resource OCID, compartment, event type, timestamp, and additional service-specific details. You can filter events by service, event type, resource OCID, and freeform or defined tags.

Can I filter events based on resource tags?

Yes. Event rules support tag-based filtering using both freeform tags and defined tags. This lets you create rules that only fire for tagged resources — for example, trigger a notification only when an instance tagged 'environment:production' is stopped. Tag-based filtering is powerful for building environment-specific automation without maintaining lists of resource OCIDs in your rules.

OCI Events Rule Builder

MonitoringOCI

Build OCI Events service rules with event type conditions and notification actions.

OCI Events Configuration

Build OCI Events service rules with event type conditions and notification/function actions.

Required Fields

compartmentIddisplayNameconditionactions

{
  "compartmentId": "ocid1.compartment.oc1..aaaaaaaexample",
  "displayName": "critical-infra-events-rule",
  "description": "Trigger notifications and functions on critical infrastructure events",
  "isEnabled": true,
  "condition": {
    "eventType": [
      "com.oraclecloud.computeapi.terminateinstance.begin",
      "com.oraclecloud.computeapi.terminateinstance.end",
      "com.oraclecloud.databaseservice.autonomous.database.critical",
      "com.oraclecloud.identitycontrolplane.createpolicy",
      "com.oraclecloud.identitycontrolplane.deletepolicy",
      "com.oraclecloud.objectstorage.deletebucket"
    ],
    "data": {
      "compartmentId": "ocid1.compartment.oc1..aaaaaaaexample",
      "compartmentName": "production",
      "additionalDetails": {}
    }
  },
  "actions": {
    "actions": [
      {
        "actionType": "ONS",
        "topicId": "ocid1.onstopic.oc1.iad.aaaaaaaexample",
        "isEnabled": true,
        "description": "Send to critical-alerts notification topic"
      },
      {
        "actionType": "FAAS",
        "functionId": "ocid1.fnfunc.oc1.iad.aaaaaaaexample",
        "isEnabled": true,
        "description": "Trigger incident-handler function"
      },
      {
        "actionType": "OSS",
        "streamId": "ocid1.stream.oc1.iad.aaaaaaaexample",
        "isEnabled": true,
        "description": "Stream to audit-events for archival"
      }
    ]
  },
  "freeformTags": {
    "severity": "critical",
    "team": "platform-ops"
  }
}

Generated Output

Output will appear here...

About This Tool

OCI Events service delivers real-time notifications when resources in your tenancy change state — instances start or stop, buckets are created, users are modified, and hundreds of other operations across OCI services. Events rules match incoming events using attribute filters and route them to actions like OCI Functions, Notifications topics, or Streaming streams. This builder helps you configure event rules with service-based filters, event type conditions, tag-based filtering, and action destinations.

When to Use This Tool

•Creating an event rule that triggers an OCI Function when a new object is uploaded to a specific Object Storage bucket for automatic processing
•Building a compliance notification rule that alerts when IAM policies are modified, users are created, or security lists are changed
•Configuring an event rule that streams all Compute instance lifecycle events to OCI Streaming for real-time infrastructure monitoring
•Setting up multi-action rules that simultaneously notify a team via Notifications and trigger an automation function when resources are deleted

Frequently Asked Questions

What events does the OCI Events service capture?: OCI Events captures resource lifecycle events from nearly every OCI service — Compute (instance start, stop, terminate), Object Storage (object create, update, delete), Networking (VCN, subnet, security list changes), Identity (user, group, policy modifications), Database (DB system state changes), and many more. Each event includes the resource OCID, compartment, event type, timestamp, and additional service-specific details. You can filter events by service, event type, resource OCID, and freeform or defined tags.
Can I filter events based on resource tags?: Yes. Event rules support tag-based filtering using both freeform tags and defined tags. This lets you create rules that only fire for tagged resources — for example, trigger a notification only when an instance tagged 'environment:production' is stopped. Tag-based filtering is powerful for building environment-specific automation without maintaining lists of resource OCIDs in your rules.

Related Learning Guides

OCI Streaming & Events22 min read

Disclaimer: This tool runs entirely in your browser. No data is sent to our servers. Always verify outputs before using them in production. AWS, Azure, and GCP are trademarks of their respective owners.