The Setup Alerts page shows details about existing system alerts associated with the current product view, and lets you edit them and create new alerts.

...

Column

Description

Name

The alert's name. Click the name to go to the Alert Details page, where you can edit the alert.

Description

A description of the alert - displays the "Query Value" field of the alert.

Enabled

Shows whether or not the alert execution will be scheduled to run (this is a read-only field; you can change it by editing the alert).

System Health Metric

Shows whether or not the alert is a metric.

Schedule

When an alert execution will be scheduled.

Info

The alert will not be scheduled if it is not enabled, even if this field contains a value.


Recipients

"Syslog" and/or the email addresses of the recipients for the alert publishing.

Alert Details page

The top part displays the following fields:

Field

Description

Enabled

Whether or not the alert will be scheduled for execution.

System Health Metric

Whether or not the alert is a metric.

Description

A description of the alert - displays the value of the "Query Value" field of the alert.

Product 

Product Type

Schedule

When an alert execution will be scheduled (if the alert is not enabled the alert will not be scheduled).

REST URL

The URL to use with the REST API to perform actions on the alert. See Alerts REST API for more details.

Recipients

"Syslog" and/or the email addresses of the recipients for the alert publishing.

The top part of the page also contains three buttons:
Test - Executes the alert immediately, even if it is disabled. This is helpful when you want to check the alert before actually scheduling it.
Edit - Edit the alert.
Delete - Delete the alert.

...

Field

Description

Executing User

SCHEDULER - if DPOD ran the alert execution via the scheduler.

REST - if the alert was run via the REST API.

User name - if a user tested the alert by pressing the "Test" button.

Status

The execution status.

Status Time

When the status was set.

Message

How many alerts were generated (or an error message if a problem occurred).


Add / Edit Alert

The first section contains details about the execution of the alert.

...

Field

Description

Alert Type

The alert type (more information about the alert types can be found in the Alerts page).

Description

Free text that describes the results returned by the alert's query.

Press the "Details" button to view the alert query itself.

Index Sets

(Hidden by default) Which OpenSearch index sets will be queried

Document Types

(Hidden by default) Which OpenSearch document types will be queried

Query (JSON)

(Hidden by default) An OpenSearch query (see Query DSL and Aggregations for more information on how to build a query).
A search query, or query, is a request for information about data in OpenSearch indices.
Frequency and Flatline alert types are always based on aggregations, whereas Any and List are based on hits. See DPOD Store for more detailed information about the field names.
By default, searches containing an aggregation return both search hits and aggregation results. To return only aggregation results, which makes the query more efficient, set size to 0.
Give the aggregations meaningful names, since the aggregation names are used as the subject name of the alert.
A System Health Metric alert should always be based on a search query containing an aggregation with the name “Device”. (See ‘Alert on Devices CPU over 80%’ as an example for adding a new metric.)

Parameters (JSON)

(Hidden by default) Named parameters to replace placeholders in the query. i.e:

Investigate URI

An investigate link, included in the alert results, that displays the data that triggered each alert in the DPOD Web Console.
To compose a URI, open the relevant dashboard that displays the data for a particular alert, enter the filters the alert uses, and copy the part of the URI that follows the #.
The values should be replaced with one of the following placeholders:
${result:Aggs or source field name}, ${parameter:Parameter name} or ${threshold}.
For example:
apicTransactions:-apicApiNameOp:eq-apicApiName:${result:API}-errorMessageOp:eq-errorMessage:${parameter:messageTextSubstring}

Aggs to Ignore

Delimited list of aggregation names to ignore in results.

Query Period

The time frame for the alert's query

Operator

Operator for the alert's query

Threshold

The value to compare the query's result to (not applicable for alert types "any" and "list")

Field Name

Only applicable for alert type "list"

Value List

Only applicable for alert type "list" - the list of values delimited by the delimiter specified in the "delimiter" field
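The Query (JSON) and Investigate URI rules above can be checked before an alert is saved. The following is an added example, not DPOD code: the function names, the sample field name and the sample parameter value are hypothetical, and treating ${result:...} as an aggregation name for Frequency and Flatline alerts is an assumption.

```python
import re

# Matches ${result:NAME} and ${parameter:NAME}; ${threshold} needs no lookup.
PLACEHOLDER = re.compile(r"\$\{(result|parameter):([^}]+)\}")


def agg_names(node):
    """Collect aggregation names at every nesting level of a query body."""
    names = []
    aggs = node.get("aggs") or node.get("aggregations") or {}
    for name, body in aggs.items():
        names.append(name)
        names.extend(agg_names(body))
    return names


def lint_alert(alert_type, query, parameters, investigate_uri, health_metric=False):
    """Return a list of findings for one alert definition (empty list = clean)."""
    findings = []
    names = agg_names(query)
    agg_based = alert_type.lower() in ("frequency", "flatline")
    if agg_based and not names:
        findings.append("aggregation-based alert type has no aggregation")
    if names and query.get("size") != 0:
        findings.append("size is not 0: hits are returned with the aggregations")
    if health_metric and "Device" not in names:
        findings.append('System Health Metric query has no aggregation named "Device"')
    for kind, name in PLACEHOLDER.findall(investigate_uri):
        if kind == "parameter" and name not in parameters:
            findings.append(f"URI parameter placeholder not defined: {name}")
        # Assumption: for aggregation-based alerts the result name is an aggregation.
        if kind == "result" and agg_based and name not in names:
            findings.append(f"URI result placeholder matches no aggregation: {name}")
    return findings


# Constructed sample: the aggregation name "API" and the parameter name come from
# the Investigate URI example above; the field "apiName" is hypothetical.
SAMPLE_QUERY = {
    "size": 0,
    "query": {"match_all": {}},
    "aggs": {"API": {"terms": {"field": "apiName"}}},
}
SAMPLE_URI = ("apicTransactions:-apicApiNameOp:eq-apicApiName:${result:API}"
              "-errorMessageOp:eq-errorMessage:${parameter:messageTextSubstring}")

if __name__ == "__main__":
    print(lint_alert("Frequency", SAMPLE_QUERY,
                     {"messageTextSubstring": "timeout"}, SAMPLE_URI))
```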

...

Field

Description

Applicable Product Type

Device

Which DataPower devices the alert's query should check

Gateway/API-C

Domain

Which DataPower domains the alert's query should check

Gateway/API-C

Client IP

Which client IPs the alert's query should check

Gateway/API-C

Service

Which DataPower services the alert's query should check

Gateway

Catalog

Which API-C catalog names the alert's query should check

API-C

Space

Which API-C space names the alert's query should check

API-C

Product

Which API-C product names the alert's query should check

API-C

Plan

Which API-C plan names the alert's query should check

API-C

API Name

Which API-C API names the alert's query should check

API-C

API Version

Which API-C versions the alert's query should check

API-C

App Name

Which API-C app names the alert's query should check

API-C

...