Versions Compared

Version Old Version 17 New Version Current
Changes made by

Sara Weisz

Sara Weisz

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

Syslog Format for Flatline

...

/ Frequency alerts


Paste code macro
languagejava
<16>Oct 23 15:40:43 dpod [0x00a0001a][DPOD-alert][info] AlertName:(Devices CPU Metric) AlertDesc:(Alert on Devices CPU over 80%) on:(idg77) Value:(85.0) Threshold:(75.0) Filters:[device(),domain(),service()] Interval:[timestampStart(10/23/2018 15:35:43.714),timestampStartLong(1540298143714),timestampEnd(10/23/2018 15:40:43.714),timestampEndLong(1540298443714)]


Time
Name
DPOD server hostname
Example
Category
Description
Alerts
Syslog
Message ID
facility code
Level10/23/2018
<16>
Alert NameAlert DescriptionOn (Alert Device/ Object)Alert Details
Always <16>
TimeOct 23 15:40:43
.714dpod
Alert's execution time
DPOD server host namedpod The host name of DPOD server that generated the alert
Alerts Syslog Message ID[0x00a0001a]Always [0x00a0001a]
Category[DPOD-alert

0x00a0001a
(always the same)

info
]Always [DPOD-alert]
Severity Level[info]May be set via System Parameters ("Syslog Severity Field Value")
Alert NameAlertName:(Devices CPU Metric)The alert name as defined in Alerts Setup
Alert DescriptionAlertDesc:(Alert on Devices CPU over 80%
idg77Value:(85.0) Threshold:(75.0) Filters:[device(),domain(),service()] Interval:[timestampStart(10/23/2018 15:35:43.714),timestampStartLong(1540298143714),timestampEnd(10/23/2018 15:40:43.714),timestampEndLong(1540298443714)]

Syslog Format for Frequency alerts (match if the number of fetched documents is more than threshold X)

Paste code macro
languagejava
<16>Oct 23 17:44:23 dpod [0x00a0001a][DPOD-alert][info] AlertName:(Transaction Errors Alert) AlertDesc:(Alert when 5 or more Transactions with errors in the last 30 minutes) on:(mpgw - webapi) Value:(22.0) Threshold:(5.0) Filters:[device(idg77),domain(),service()] Interval:[timestampStart(10/22/2018 17:44:23.088),timestampStartLong(1540219463088),timestampEnd(10/23/2018 17:44:23.088),timestampEndLong(1540305863088)]
TimeDPOD server hostnameCategoryAlerts Syslog Message IDLevelAlert NameAlert DescriptionOn (Alert Device/ Object)Alert Details10/23/2018 17:44:23.088dpodDPOD-alert0x00a0001a
(always the same)info
May be set via System Parameters ("Syslog Severity Field Value")Transaction Errors AlertAlert when 5 or more Transactions with errors in the last 30 minutesmpgw - webapiValue:(22.0) Threshold:(5.0) Filters:[device(idg77
)The alert description as defined in Alerts Setup
Alerted Objecton:(idg77)The object (device, service, message, etc.) the alert was generated on
Alert ValueValue:(85.0)The query's result value
Alert ThresholdThreshold:(75.0)The alert error threshold as defined in Alerts Setup
Alert FiltersFilters:[device(),domain(),service()]Additional criteria for the alert's execution
Time RangeInterval:[timestampStart(10/
22
23/2018
17
15:
44
35:
23
43.
088
714),timestampStartLong(
1540219463088
1540298143714),
timestampEnd(10/23/2018
17
15:
44
40:
23
43.
088
714),timestampEndLong(
1540305863088
1540298443714)]

The time frame for the alert's execution

Syslog Format for Any

...

Info
titleinfo
Threshold is not applicable for alert types "any" and "list"

/ List alerts 


Paste code macro
languagejava
<16>Oct 24 08:30:23 dpod[0x00a0001a][DPOD-alert][info] AlertName:(Objects Down Alert) AlertDesc:(Alert on any DP object that is enabled but down) on:([Domain is down, LogTarget, idg77, HospitalA_Domain]) Value:(null) Threshold:(null) Filters:[device(),domain(),service()] Interval:[timestampStart(10/24/2018 08:25:23.531),timestampStartLong(1540358723531),timestampEnd(10/24/2018 08:30:23.531),timestampEndLong(1540359023531)]


Time
Name
DPOD server hostname
Example
Category
Description
Alerts
Syslog
Message ID
facility code
Level10/24/2018
<16>
Alert NameAlert DescriptionOn (Alert Object Down)Alert Details
Always <16>
TimeOct 24 08:30:23
.531dpod
Alert's execution time
DPOD server host namedpod The host name of DPOD server that generated the alert
Alerts Syslog Message ID[0x00a0001a]Always [0x00a0001a]
Category[DPOD-alert
0x00a0001a
(always the same)info
]Always [DPOD-alert]
Severity Level[info]May be set via System Parameters ("Syslog Severity Field Value")
Alert NameAlertName:(Objects Down Alert)The alert name as defined in Alerts Setup
Alert DescriptionAlertDesc:(Alert on any DP object that is enabled but down)The alert description as defined in Alerts Setup
Alerted Objecton:([Domain is down, LogTarget, idg77, HospitalA_Domain]

Value:(null) Threshold:(null) Filters:[device(),domain(),service()] Interval:[timestampStart(10/24/2018 08:25:23.531),timestampStartLong(1540358723531),timestampEnd(10/24/2018 08:30:23.531),timestampEndLong(1540359023531)]

Syslog Format for List alerts (match if a certain field of the fetched records matches a blacklist/whitelist)

...

titleinfo

...

TimeDPOD server hostnameCategoryAlerts Syslog Message IDLevelAlert NameAlert DescriptionOn (Syslog Errors)Alert Details10/24/2018 08:30:23.531dpodDPOD-alert0x00a0001a
(always the same)info
May be set via System Parameters ("Syslog Severity Field Value")Syslog Errors MessageCode AlertAlert on any syslog errors with specific message codes[An error occurred on socket (260). Error details (113: No route to host). Local(172.17.100.200:58056) - Remote(n/a), 11, 31562, 297, 1540359962073, 1, 526, idg77, 3, 02, 2018, 176f0f31-d750-11e8-b42e-000c299db48d, 073827, 7, 1540359962073827, error, wdp-syslog-sys-error_active-node_N001, 2018-10-24T08:46:02.073827+03:00, 172.17.100.156, APIMgmt_B72F7777F4, 10, false, 08:46:02, MonTier-SyslogAgent-1, 08, 46, <11>2018-10-24T08:46:02.073827+03:00 MonTierLocalId-3 [0x80e006ba][network][error] trans(54159): An error occurred on socket (260). Error details (113: No route to host). Local(172.17.100.200:58056) - Remote(n/a), 24, 1540359963013, 54159, 1540359963013, 7.5.2.4+, 0x80e006ba, +03:00, network, 60000]Value:(null) Threshold:(null)
)The object (device, service, message, etc.) the alert was generated on
Alert ValueValue:(null)The alert value is not applicable for alert types "any" and "list"
Paste code macro
languagejava
<16>Oct 24 08:47:23 dpod[0x00a0001a][DPOD-alert][info] AlertName:(Syslog Errors MessageCode Alert) AlertDesc:(Alert on any syslog errors with specific message codes) on:([An error occurred on socket (260). Error details (113: No route to host). Local(172.17.100.200:58056) - Remote(n/a), 11, 31562, 297, 1540359962073, 1, 526, idg77, 3, 02, 2018, 176f0f31-d750-11e8-b42e-000c299db48d, 073827, 7, 1540359962073827, error, wdp-syslog-sys-error_active-node_N001, 2018-10-24T08:46:02.073827+03:00, 172.17.100.156, APIMgmt_B72F7777F4, 10, false, 08:46:02, MonTier-SyslogAgent-1, 08, 46, <11>2018-10-24T08:46:02.073827+03:00 MonTierLocalId-3 [0x80e006ba][network][error] trans(54159): An error occurred on socket (260). Error details (113: No route to host). Local(172.17.100.200:58056) - Remote(n/a), 24, 1540359963013, 54159, 1540359963013, 7.5.2.4+, 0x80e006ba, +03:00, network, 60000]) Value:(null) Threshold:(null) Filters:[device(),domain(),service()] Interval:[timestampStart(10/24/2018 08:42:23.538),timestampStartLong(1540359743538),timestampEnd(10/24/2018 08:47:23.538),timestampEndLong(1540360043538)]
Alert ThresholdThreshold:(null)The alert threshold is not applicable for alert types "any" and "list"
Alert FiltersFilters:[device(),domain(),service()]Additional criteria for the alert's execution
Time RangeInterval:[timestampStart(10/24/2018 08:
42
25:23.
538
531),timestampStartLong(
1540359743538
1540358723531),
timestampEnd(10/24/2018 08:
47
30:23.
538
531),timestampEndLong(
1540360043538)
1540359023531)]

The time frame for the alert's execution