Syslog Format for Flatline/Frequency alerts

<16>Oct 23 15:40:43 dpod [0x00a0001a][DPOD-alert][info] AlertName:(Devices CPU Metric) AlertDesc:(Alert on Devices CPU over 80%) on:(idg77) Subject:(Device:idg77) Value:(85.0) Threshold:(75.0) TimeInterval:(timestampStart:10/23/2018 15:35:43.714,timestampStartLong:1540298143714,timestampEnd:10/23/2018 15:40:43.714,timestampEndLong:1540298443714)InvestigateUrl:(https://172.17.100.149/op/#deviceResources:-deviceNameOp:eq-deviceName:idg77-productView:idg-timeRangeType:custom-timeRangeStart:1663599211803-timeRangeEnd:1663599511803)

| Name | Example | Description |
|---|---|---|
| Syslog facility code | <16> | Always <16> |
| Time | Oct 23 15:40:43 | Alert's execution time |
| DPOD server host name | dpod | The host name of the DPOD server that generated the alert |
| Alerts Syslog Message ID | [0x00a0001a] | Always [0x00a0001a] |
| Category | [DPOD-alert] | Always [DPOD-alert] |
| Severity Level | [info] | May be set via System Parameters ("Syslog Severity Field Value") |
| Alert Name | AlertName:(Devices CPU Metric) | The alert name as defined in Alerts Setup |
| Alert Description | AlertDesc:(Alert on Devices CPU over 80%) | The alert description as defined in Alerts Setup |
| Alerted Object | on:(idg77) | The object (device, service, message, etc.) the alert was generated on |
| Alert Subject | Device:idg77 | A list of properties for the object the alert was generated on |
| Alert Value | Value:(85.0) | The query's result value |
| Alert Threshold | Threshold:(75.0) | The alert error threshold as defined in Alerts Setup |
| Time Range | TimeInterval:(timestampStart:10/23/2018 15:35:43.714,timestampStartLong:1540298143714,timestampEnd:10/23/2018 15:40:43.714,timestampEndLong:1540298443714) | The time frame for the alert's execution |
| Investigate URL | InvestigateUrl:(https://<IP ADDRESS DPOD>/op/#deviceResources:-deviceNameOp:eq-deviceName:idg77-productView:idg-timeRangeType:custom-timeRangeStart:1663599211803-timeRangeEnd:1663599511803) | An investigate link that displays the data that triggered each alert in DPOD Web Console. |

Syslog Format for Frequency alerts (match if the number of fetched documents is more than threshold X)

<16>Oct 23 17:44:23 dpod [0x00a0001a][DPOD-alert][info] AlertName:(Transaction Errors Alert) AlertDesc:(Alert when 5 or more Transactions with errors in the last 30 minutes) on:(mpgw - webapi) Value:(22.0) Threshold:(5.0) Filters:[device(idg77),domain(),service()] Interval:[timestampStart(10/22/2018 17:44:23.088),timestampStartLong(1540219463088),timestampEnd(10/23/2018 17:44:23.088),timestampEndLong(1540305863088)]

Syslog Format for Any alerts (match if any record was fetched)

Threshold is not applicable for alert types "any" and "list"

Syslog Format for Any/List alerts

<16>Oct 24 08:30:23 dpod[0x00a0001a][DPOD-alert][info] AlertName:(Objects Down Alert) AlertDesc:(Alert on any DP object that is enabled but down) on:([LogTarget, The initial server connection could not be started., apic2018_compat_idg2, DPOD-MSC-1805-2, SideCalls_Domain]) Subject:(objectStatusObjectClass:LogTarget,objectStatusErrorCode:The initial server connection could not be started.,objectStatusDeviceName:apic2018_compat_idg2,objectStatusName:DPOD-MSC-1805-2,objectStatusDomainName:SideCalls_Domain) TimeInterval:(timestampStart:09/19/2022 18:20:40.034,timestampStartLong:1663600840034,timestampEnd:09/19/2022 18:25:40.034,timestampEndLong:1663601140034) InvestigateUrl:(https://172.17.100.149/op/#apicFailedObjects:-deviceNameOp:eq-deviceName:apic2018_ucompat_uidg2-domainNameOp:eq-domainName:SideCalls_uDomain-objectTypeOp:eq-objectType:LogTarget-objectNameOp:eq-objectName:DPOD_dMSC_d1805_d2-productView:apic)

| Name | Example | Description |
|---|---|---|
| Syslog facility code | <16> | Always <16> |
| Time | Oct 24 08:30:23 | Alert's execution time |
| DPOD server host name | dpod | The host name of the DPOD server that generated the alert |
| Alerts Syslog Message ID | [0x00a0001a] | Always [0x00a0001a] |
| Category | [DPOD-alert] | Always [DPOD-alert] |
| Severity Level | [info] | May be set via System Parameters ("Syslog Severity Field Value") |
| Alert Name | AlertName:(Objects Down Alert) | The alert name as defined in Alerts Setup |
| Alert Description | AlertDesc:(Alert on any DP object that is enabled but down) | The alert description as defined in Alerts Setup |
| Alerted Object | on:([LogTarget, The initial server connection could not be started., apic2018_compat_idg2, DPOD-MSC-1805-2, SideCalls_Domain]) | The object (device, service, message, etc.) the alert was generated on |
| Time Range | TimeInterval:(timestampStart:09/19/2022 18:20:40.034,timestampStartLong:1663600840034,timestampEnd:09/19/2022 18:25:40.034,timestampEndLong:1663601140034) | The time frame for the alert's execution |
| Investigate URL | InvestigateUrl:(https://<IP ADDRESS DPOD>/op/#apicFailedObjects:-deviceNameOp:eq-deviceName:apic2018_ucompat_uidg2-domainNameOp:eq-domainName:SideCalls_uDomain-objectTypeOp:eq-objectType:LogTarget-objectNameOp:eq-objectName:DPOD_dMSC_d1805_d2-productView:apic) | An investigate link that displays the data that triggered each alert in DPOD Web Console. |

[Domain is down, LogTarget, idg77, HospitalA_Domain]Value:(null) Threshold:(null) Filters:[device(),domain(),service()] Interval:[timestampStart(10/24/2018 08:25:23.531),timestampStartLong(1540358723531),timestampEnd(10/24/2018 08:30:23.531),timestampEndLong(1540359023531)]

Syslog Format for List alerts (match if a certain field of the fetched records matches a blacklist/whitelist)

Threshold is not applicable for alert types "any" and "list"

<16>Oct 24 08:47:23 dpod[0x00a0001a][DPOD-alert][info] AlertName:(Syslog Errors MessageCode Alert) AlertDesc:(Alert on any syslog errors with specific message codes) on:([An error occurred on socket (260). Error details (113: No route to host). Local(172.17.100.200:58056) - Remote(n/a), 11, 31562, 297, 1540359962073, 1, 526, idg77, 3, 02, 2018, 176f0f31-d750-11e8-b42e-000c299db48d, 073827, 7, 1540359962073827, error, wdp-syslog-sys-error_active-node_N001, 2018-10-24T08:46:02.073827+03:00, 172.17.100.156, APIMgmt_B72F7777F4, 10, false, 08:46:02, MonTier-SyslogAgent-1, 08, 46, <11>2018-10-24T08:46:02.073827+03:00 MonTierLocalId-3 [0x80e006ba][network][error] trans(54159): An error occurred on socket (260). Error details (113: No route to host). Local(172.17.100.200:58056) - Remote(n/a), 24, 1540359963013, 54159, 1540359963013, 7.5.2.4+, 0x80e006ba, +03:00, network, 60000]) Value:(null) Threshold:(null) Filters:[device(),domain(),service()] Interval:[timestampStart(10/24/2018 08:42:23.538),timestampStartLong(1540359743538),timestampEnd(10/24/2018 08:47:23.538),timestampEndLong(1540360043538)]

| Time | DPOD server hostname | Alerts Syslog Message ID | Level | Alert Name | Alert Description | On (Syslog Errors) | Alert Details |
|---|---|---|---|---|---|---|---|
| 10/24/2018 08:30:23.531 | dpod | 0x00a0001a (always the same) | info; may be set via System Parameters ("Syslog Severity Field Value") | Syslog Errors MessageCode Alert | Alert on any syslog errors with specific message codes | [An error occurred on socket (260). Error details (113: No route to host). Local(172.17.100.200:58056) - Remote(n/a), 11, 31562, 297, 1540359962073, 1, 526, idg77, 3, 02, 2018, 176f0f31-d750-11e8-b42e-000c299db48d, 073827, 7, 1540359962073827, error, wdp-syslog-sys-error_active-node_N001, 2018-10-24T08:46:02.073827+03:00, 172.17.100.156, APIMgmt_B72F7777F4, 10, false, 08:46:02, MonTier-SyslogAgent-1, 08, 46, <11>2018-10-24T08:46:02.073827+03:00 MonTierLocalId-3 [0x80e006ba][network][error] trans(54159): An error occurred on socket (260). Error details (113: No route to host). Local(172.17.100.200:58056) - Remote(n/a), 24, 1540359963013, 54159, 1540359963013, 7.5.2.4+, 0x80e006ba, +03:00, network, 60000] | Value:(null) Threshold:(null) Filters:[device(),domain(),service()] Interval:[timestampStart(10/24/2018 08:42:23.538),timestampStartLong(1540359743538),timestampEnd(10/24/2018 08:47:23.538),timestampEndLong(1540360043538) |
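
A parser for the Key:(value) layout documented above, added here as an example (it is not DPOD's own code). It tracks parenthesis depth because alert names, descriptions and object lists are free text; the sample line is constructed from the page's Flatline/Frequency example, with the nested parentheses in AlertDesc and the documentation-range IP as assumptions, and `naive_fields` is included only to show how a non-greedy regex truncates such values.

```python
import re

# Constructed sample in the page's Flatline/Frequency layout. The nested
# parentheses in AlertDesc and the documentation-range IP are assumptions.
SAMPLE = (
    "<16>Oct 23 15:40:43 dpod [0x00a0001a][DPOD-alert][info] "
    "AlertName:(Devices CPU Metric) AlertDesc:(Alert on CPU (all devices) over 80%) "
    "on:(idg77) Subject:(Device:idg77) Value:(85.0) Threshold:(75.0) "
    "TimeInterval:(timestampStart:10/23/2018 15:35:43.714,"
    "timestampStartLong:1540298143714,timestampEnd:10/23/2018 15:40:43.714,"
    "timestampEndLong:1540298443714)InvestigateUrl:(https://192.0.2.10/op/#deviceResources)"
)

# Header: <PRI>, timestamp, host, then three bracketed tokens. The space
# between host and message ID is optional (both forms appear on the page).
HEADER = re.compile(
    r"^<(\d{1,3})>(\w{3} [ \d]\d \d\d:\d\d:\d\d) ([^\s\[]+) ?"
    r"\[(0x[0-9a-fA-F]+)\]\[([^\]]+)\]\[([^\]]+)\]\s*(.*)$"
)
FIELD_START = re.compile(r"(\w+):\(")

def naive_fields(body):
    """Non-greedy regex: stops at the first ')' and truncates nested values."""
    return dict(re.findall(r"(\w+):\((.*?)\)", body))

def parse_fields(body):
    """Walk Key:(value) pairs, tracking parenthesis depth inside each value."""
    fields, pos = {}, 0
    while (m := FIELD_START.search(body, pos)):
        depth, i = 1, m.end()
        while i < len(body) and depth:
            depth += {"(": 1, ")": -1}.get(body[i], 0)
            i += 1
        if depth:
            raise ValueError(f"unbalanced parentheses in field {m.group(1)!r}")
        fields[m.group(1)] = body[m.end():i - 1]
        pos = i  # resume after the value, so "Key:(" text inside it is ignored
    return fields

def parse_alert(line):
    m = HEADER.match(line)
    if not m:
        raise ValueError("not a DPOD alert line")
    pri, when, host, msgid, category, level, body = m.groups()
    alert = {"pri": int(pri), "time": when, "host": host, "msgid": msgid,
             "category": category, "level": level, **parse_fields(body)}
    if "TimeInterval" in alert:  # comma-separated name:value pairs
        pairs = (kv.split(":", 1) for kv in alert["TimeInterval"].split(","))
        alert["TimeInterval"] = dict(pairs)
    return alert
```

A value with an unmatched parenthesis cannot be delimited reliably in this layout; `parse_fields` raises in that case so the line can be routed to review instead of being indexed with shifted fields.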