/
Alerts

IBM DataPower Operations Dashboard v1.0.22.x

Alerts

DPOD can publish alerts when certain predefined events occur, for example, when device CPU is over 80%
Alerts can be viewed and managed from the Alerts Setup page

Terminology

Alert Query - the metadata that defines the alert parameters (for example, count all the system errors from the last 10 minutes in domain DMZ)

Alert Execution - one execution of the alert query

Alert Publishing  - when an alert returns positive results, it will be published to interested parties via email, HTTP or syslog

Alert Query

Each query consists of a type, period, an operator and a threshold.
In addition, you can define filters, so the query will run on specific devices, domains or services.

DPOD supports 4 types of alerts queries:

Type

Description

Example

Type

Description

Example

Frequency 

The condition will be met if there were X events in the checked time

More than 5 system errors occurred in the last 10 minutes

Flatline 

The condition will be met if there is a value above a certain threshold 

Device CPU is above 80%

Any 

The condition will be met if any results are returned for the query

A DataPower object is down

List

The condition will be met if a result is in/not-in a pre-defined list of values.
The list must not be empty.

 

Alert Execution

An execution is one instance of the alert query, there are 3 ways to execute a query:

  1. Scheduled - Enabled queries can be scheduled to run on a specific time or on a fixed interval.

  2. Test Via the web console - Click the "Test" button in the Alerts Details Page for a one time only execution, you can use it for testing the query before scheduling it.

  3. Via the REST API - an alert can be executed remotely via the REST API (for example, with CURL), the REST API URL for each query can be found in the Alerts Details Page, Example can found here

Alert Publishing

The alert will be published once an alert execution run an alert query and generated one or more results.

The alerts can be published via the following facilities:

  • Email - an email will be sent for every generated alert.
    Make sure that "Enable Alerts Emails SMTP” is set to true in the System Parameters page.
    The SMTP parameters are configured in the System Parameters page.
    For further details about the format of the email message see Alerts Email Format.

  • HTTP Request - an HTTP request will be sent for every generated alert.
    The HTTP request parameters are configured in the System Parameters page.
    For further details about the format of the HTTP request see Alerts JSON Format.

  • Syslog message (JSON Format) - a Syslog message will be sent for every generated alert.
    The Syslog parameters are configured in the System Parameters page.
    For further details about the format of the Syslog message see Alerts JSON Format.

  • Syslog message (Legacy Format) - a Syslog message will be sent for every generated alert.
    The Syslog parameters are configured in the System Parameters page.
    For further details about the format of the Syslog message see Alerts Syslog Legacy Format.

  • Web Service - a SOAP message will be sent for every generated alert.
    Make sure that "Enable Alerts Web Service" is set to true in the System Parameters page.
    The Web Service parameters are configured in the System Parameters page.

  • File System - a file will be created for every generated alert.
    Make sure that "Enable Queries Output File" is set to true in the System Parameters page.
    For further details about the format of the file contents see Alerts JSON Format.

 

Copyright © 2015 MonTier Software (2015) Ltd.