Syslog Format for Flatline/ Frequency alerts

<16>Oct 23 15:40:43 dpod [0x00a0001a][DPOD-alert][info] AlertName:(Devices CPU Metric) AlertDesc:(Alert on Devices CPU over 80%) on:(idg77) Value:(85.0) Threshold:(75.0) Filters:[device(),domain(),service()] Interval:[timestampStart(10/23/2018 15:35:43.714),timestampStartLong(1540298143714),timestampEnd(10/23/2018 15:40:43.714),timestampEndLong(1540298443714)]


| Name | Example | Description |
|---|---|---|
| Syslog facility code | <16> | Always <16> |
| Time | Oct 23 15:40:43 | Alert's execution time |
| DPOD server host name | dpod | The host name of DPOD server that generated the alert |
| Alerts Syslog Message ID | [0x00a0001a] | Always [0x00a0001a] |
| Category | [DPOD-alert] | Always [DPOD-alert] |
| Severity Level | [info] | May be set via System Parameters ("Syslog Severity Field Value") |
| Alert Name | AlertName:(Devices CPU Metric) | The alert name as defined in Alerts Setup |
| Alert Description | AlertDesc:(Alert on Devices CPU over 80%) | The alert description as defined in Alerts Setup |
| Alerted Object | on:(idg77) | The object (device, service, message, etc.) the alert was generated on |
| Alert Value | Value:(85.0) | The query's result value |
| Alert Threshold | Threshold:(75.0) | The alert error threshold as defined in Alerts Setup |
| Alert Filters | Filters:[device(),domain(),service()] | Additional criteria for the alert's execution |
| Time Range | Interval:[timestampStart(10/23/2018 15:35:43.714),timestampStartLong(1540298143714),timestampEnd(10/23/2018 15:40:43.714),timestampEndLong(1540298443714)] | The time frame for the alert's execution |

Alert Type: Frequency, match if the number of fetched documents is more than threshold X

Syslog Format for Any/ List alerts 


<16>Oct 24 08:30:23 dpod[0x00a0001a][DPOD-alert][info] AlertName:(Objects Down Alert) AlertDesc:(Alert on any DP object that is enabled but down) on:([Domain is down, LogTarget, idg77, HospitalA_Domain]) Value:(null) Threshold:(null) Filters:[device(),domain(),service()] Interval:[timestampStart(10/24/2018 08:25:23.531),timestampStartLong(1540358723531),timestampEnd(10/24/2018 08:30:23.531),timestampEndLong(1540359023531)]


| Name | Example | Description |
|---|---|---|
| Syslog facility code | <16> | Always <16> |
| Time | Oct 24 08:30:23 | Alert's execution time |
| DPOD server host name | dpod | The host name of DPOD server that generated the alert |
| Alerts Syslog Message ID | [0x00a0001a] | Always [0x00a0001a] |
| Category | [DPOD-alert] | Always [DPOD-alert] |
| Severity Level | [info] | May be set via System Parameters ("Syslog Severity Field Value") |
| Alert Name | AlertName:(Objects Down Alert) | The alert name as defined in Alerts Setup |
| Alert Description | AlertDesc:(Alert on any DP object that is enabled but down) | The alert description as defined in Alerts Setup |
| Alerted Object | on:([Domain is down, LogTarget, idg77, HospitalA_Domain]) | The object (device, service, message, etc.) the alert was generated on |
| Alert Value | Value:(null) | The alert value is not applicable for alert types "any" and "list" |
| Alert Threshold | Threshold:(null) | The alert threshold is not applicable for alert types "any" and "list" |
| Alert Filters | Filters:[device(),domain(),service()] | Additional criteria for the alert's execution |
| Time Range | Interval:[timestampStart(10/24/2018 08:25:23.531),timestampStartLong(1540358723531),timestampEnd(10/24/2018 08:30:23.531),timestampEndLong(1540359023531)] | The time frame for the alert's execution |

Alert Type: List, match if a certain field of the fetched records matches a blacklist/whitelist

The message ID for all alerts will always be 0x00a0001a
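
A parser for the two message layouts documented above, of the kind a SIEM or log pipeline needs to normalise these alerts. This is an added example, not code from the DPOD documentation: the function name `parse_dpod_alert` and the output keys are assumptions, and the sample lines are constructed from the two samples on this page. It reads `timestampStartLong`/`timestampEndLong` as millisecond counts (the samples' five-minute intervals differ by 300000).

```python
import re

# Sample lines constructed from the two messages shown on this page.
FREQ = ("<16>Oct 23 15:40:43 dpod [0x00a0001a][DPOD-alert][info] "
        "AlertName:(Devices CPU Metric) AlertDesc:(Alert on Devices CPU over 80%) "
        "on:(idg77) Value:(85.0) Threshold:(75.0) Filters:[device(),domain(),service()] "
        "Interval:[timestampStart(10/23/2018 15:35:43.714),timestampStartLong(1540298143714),"
        "timestampEnd(10/23/2018 15:40:43.714),timestampEndLong(1540298443714)]")
LIST = ("<16>Oct 24 08:30:23 dpod[0x00a0001a][DPOD-alert][info] "
        "AlertName:(Objects Down Alert) AlertDesc:(Alert on any DP object that is enabled but down) "
        "on:([Domain is down, LogTarget, idg77, HospitalA_Domain]) Value:(null) Threshold:(null) "
        "Filters:[device(),domain(),service()] "
        "Interval:[timestampStart(10/24/2018 08:25:23.531),timestampStartLong(1540358723531),"
        "timestampEnd(10/24/2018 08:30:23.531),timestampEndLong(1540359023531)]")

# The space between host name and message ID is optional: the two samples differ.
# Message ID and category are matched literally because the page says they never change.
ALERT_RE = re.compile(
    r"^<(?P<pri>\d+)>(?P<time>\w{3} +\d+ [\d:]{8}) (?P<host>[^\s\[]+) ?"
    r"\[(?P<msgid>0x00a0001a)\]\[(?P<category>DPOD-alert)\]\[(?P<severity>\w+)\] "
    r"AlertName:\((?P<name>.*?)\) AlertDesc:\((?P<desc>.*?)\) on:\((?P<on>.*?)\) "
    r"Value:\((?P<value>[^)]*)\) Threshold:\((?P<threshold>[^)]*)\) "
    r"Filters:\[(?P<filters>.*?)\] Interval:\[(?P<interval>.*)\]$")
PAIR_RE = re.compile(r"(\w+)\(([^)]*)\)")  # key(value) pairs in Filters and Interval

def parse_dpod_alert(line):
    """Return a dict of alert fields, or None if the line is not a well-formed DPOD alert."""
    m = ALERT_RE.match(line.strip())
    if m is None:
        return None
    rec = m.groupdict()
    try:
        # Value/Threshold are the literal "null" for alert types "any" and "list".
        for key in ("value", "threshold"):
            rec[key] = None if rec[key] == "null" else float(rec[key])
        interval = dict(PAIR_RE.findall(rec["interval"]))
        rec["start_ms"] = int(interval["timestampStartLong"])
        rec["end_ms"] = int(interval["timestampEndLong"])
    except (ValueError, KeyError):
        return None  # malformed number or missing timestamp: reject rather than guess
    # List alerts wrap several objects in [...]; normalise both shapes to a list.
    on = rec["on"]
    rec["on"] = [s.strip() for s in on[1:-1].split(",")] if on.startswith("[") else [on]
    # Keep only the filters that actually carry a value.
    rec["filters"] = {k: v for k, v in PAIR_RE.findall(rec["filters"]) if v}
    return rec

if __name__ == "__main__":
    for sample in (FREQ, LIST):
        print(parse_dpod_alert(sample))
```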