...
| Column | Description | ||
|---|---|---|---|
| Enabled | Shows whether or not the alert execution will be scheduled to run (this is a read only field, you can change it by editing the alert) | ||
| Name | The alert's name, click on the name to go to the Alert details Page - you can edit the alert from there. | ||
| Description | A description of the alert - displays the "Query Value" field of the alert | ||
| Schedule | When the an alert execution will be scheduled -
| ||
| Recipients | "Syslog" and/or the email addresses of the recipients for the alert publishing |
Alert Details page
The top part displays the following fields:
| Field | Description |
|---|---|
| Schedule | When the an alert execution will be scheduled (if the alert is not enabled the alert will not be scheduled) |
| Description | A description of the alert -displays the value of the "Query Value" field of the alert |
| REST URL | The URL to run the alert via REST |
| Recipients | "Syslog" and/or the email addresses of the recipients |
...
| for the alert publishing |
The top part of the page also contains three buttons:
Test - Execute the alert immediately, the alert will be executed even if it's disabled, this is helpful in case you want to check the alert before actually scheduling it.
Edit - Edit the alert
Delete - Delete the alert
| Info |
|---|
Deleted alert cannot be recovered. If you simply do not want the alert to run - you can disable it (press "Edit" and uncheck the "Enabled" field) |
...
| Field | Description |
|---|---|
| Executing User | SCHEDULER - if the alert was scheduledDPOD run an alert execution via the scheduler REST - if the alert was run via the REST API User name - if a user tested the alert by pressing the "Test" button |
| Status | The execution status |
| Status Time | When the status was set |
| Message | How many alerts were generated (or an error message if a problem occuredoccurred) |
Add / Edit Alert
The first section contains details about the execution of the alert
| Field | Description |
|---|---|
| Enabled | Whether or not the alert will be scheduled for execution |
| Name | The Alert's name |
| Schedule | When the alert will be scheduled, the format is identical to the one used to schedule reports |
| Destination | Specify what will happen when an alert is generatedthe alert publishing destinations: Email - send an email (make sure that "Enable Queries Emails SMTP" is set to true inthe System Parameters page) Email WS - send an email via webservice (make sure that "Enable Queries Emails SMTP WS" is set to true inthe System Parameters page) |
| Recipients | if the destination is Email or Email WS - this field will contain the list of recipients |
The Alert Details section contains information about how the alert's query will be evaluated
| Field | Description |
|---|---|
| TypeDPOD supports three types of alerts: | Frequency - The condition will be met if there were X events in the checked time (for example, more than 5 system errors occurred in the last 10 minutes) |
| Query Value | Free text, describes the results returned by the alert's query Press on the "Details" button to view the Alert Queryalert query itself |
| Index Sets | (Hidden by default) Which ElasticSearch index sets will be queried |
| Document Types | (Hidden by default) Which ElasticSearch document types will be queried |
| Query (JSON) | (Hidden by default) An ElasticSearch query |
| Query Period | The time frame for the alert's query |
| Operator | Operator for the alert's query |
| Threshold | The value to compare the query's result to (not applicable for alert types "any" and "list" |
| Field Name | Only applicable for alert type "list" |
| Value List | Only applicable for alert type "list" - the list of values delimited by the delimiter specified in the "delimiter" field |
The Alert Filters section lets you specify additional criteria for the alert's query
...