There is no additional cost for analytic rules (alert rules) or automation rules. Sentinel price is a combination of ingestion (log analytics and Sentinel billed separately) and extended data retention/archival.
Unlike some monitoring tools like SCOM, data ingestion is defined separately using data connectors in Sentinel (not by the alert rules). So you ingest the data first using a connector and the analytic rule queries the collected data.
There are several data connectors or sources that are free to ingest. Mainly Office activity, Azure activity, and alerts from other security solutions. These sources are free to ingest and alert (though extended archival beyond 90 days does incur archival pricing).