/
Alerts Setup

IBM DataPower Operations Dashboard v1.0.19.0

A newer version of this product documentation is available.

You are viewing an older version. View latest at IBM DPOD Documentation.

Alerts Setup

The Setup Alerts page shows details about existing system alerts associated to the current product view, and lets you edit them and create new alerts.

Click on "Add Alert" to create a new alert.
Click on the alert name to enter the "alert details" page and edit the alert. 

Column

Description

Column

Description

Name

The alert's name, click on the name to go to the Alert details Page - you can edit the alert from there.

Description

A description of the alert - displays the "Query Value" field of the alert.

Enabled

Shows whether or not the alert execution will be scheduled to run (this is a read only field, you can change it by editing the alert).

System Health Metric

Shows whether or not the alert is a metric.

Schedule

When an alert execution will be scheduled.

The alert will not be scheduled if it is not enabled, even if this field contains a value



Recipients

"Syslog" and/or the email addresses of the recipients for the alert publishing.

Alert Details page

The top part displays the following fields:

Field

Description

Field

Description

Enabled

Whether or not the alert will be scheduled for execution.

System Health Metric

Whether or not the alert is a metric.

Description

A description of the alert -displays the value of the "Query Value" field of the alert.

Product 

Product Type

Schedule

When an alert execution will be scheduled (if the alert is not enabled the alert will not be scheduled).

REST URL

The URL to use in REST API to perform actions on the alert, see Alerts REST API from more details.

Recipients

"Syslog" and/or the email addresses of the recipients for the alert publishing.

The top part of the page also contains three buttons:
Test - Execute the alert immediately, the alert will be executed even if it's disabled, this is helpful in case you want to check the alert before actually scheduling it.
Edit - Edit the alert
Delete - Delete the alert

Deleted alert cannot be recovered.

If you simply do not want the alert to run - you can disable it (press "Edit" and uncheck the "Enabled" field)



The lower part of the page displays the results of the recent 20 executions of the alert

Field

Description

Field

Description

Executing User

SCHEDULER - if DPOD run an alert execution via the scheduler.

REST - if the alert was run via the REST API.

User name - if a user tested the alert by pressing the "Test" button.

Status

The execution status.

Status Time

When the status was set.

Message

How many alerts were generated (or an error message if a problem occurred).



Add / Edit Alert

The first section contains details about the execution of the alert

Field

Description

Field

Description

Enabled

Whether or not the alert will be scheduled for execution

System Health Metric

Whether or not the alert is a metric

Name

The Alert's name

Product

Gateway / API-C / Supported Products(when alert is relevant to all product views)

Schedule

When the alert will be scheduled, the format is identical to the one used to schedule reports

Destination

Specify the alert publishing destinations:
Syslog - a syslog record will be written, you'll need to configure the Syslog target server's host name, port and the syslog severity field value (Error, Info, etc) in the System Parameters page.

Email - send an email (make sure that "Enable Queries Emails SMTP" is set to true in the System Parameters page)

Email WS - send an email via webservice (make sure that "Enable Queries Emails SMTP WS" is set to true in the System Parameters page)

Recipients

if the destination is Email or Email WS - this field will contain the list of recipients


The Alert Details section contains information about how the alert's query will be evaluated

Field

Description

Field

Description

Alert Type

The alert type (more information about the alert types can be found in the the Alerts page)

Description

Free text, describes the results returned by the alert's query

Press the "Details" button to view the alert query itself

Index Sets

(Hidden by default) Which OpenSearch index sets will be queried

Document Types

(Hidden by default) Which OpenSearch document types will be queried

Query (JSON)

(Hidden by default) An OpenSearch query (see Query DSL and Aggregations for more information on how to build a query).
A search query, or query, is a request for information about data in OpenSearch indices.
Frequency and Flatline alert types are always based on aggregation whereas Any and List are based on hits. See DPOD Store for more detailed information about the field names.
By default, searches containing an aggregation return both search hits and aggregation results. To return only aggregation results, so that the query will be more efficient (performance wise), set size to 0.
A meaningful name should be given to the aggregation names since they are used as the subject name of the alert.
A System Health Metric alert should always be based on a search query containing an aggregation with the name “Device”. (See ‘Alert on Devices CPU over 80%’ as an example for adding a new metric)

Parameters (JSON)

(Hidden by default) Named parameters to replace placeholders in the query. i.e:

Investigate URI

An investigate link, included in the alert results, and displays the data that triggered each alert in DPOD Web Console.
To compose a URI, one should open the relevant dashboard that displays the data for a particular alert, enter the filters the alert uses, and copy the URI from after the #.
The values should be replaced with one of the following placeHolders:
${result:Aggs or source field name} , ${parameter:Parameter name} or ${threshold}.
For example:
apicTransactions:-apicApiNameOp:eq-apicApiName:${result:API}-errorMessageOp:eq-errorMessage:${parameter:messageTextSubstring}

Aggs to Ignore

Delimited list of aggregation names to ignore in results.

Query Period

The time frame for the alert's query

Operator

Operator for the alert's query

Threshold

The value to compare the query's result to (not applicable for alert types "any" and "list")

Field Name

Only applicable for alert type "list"

Value List

Only applicable for alert type "list" - the list of values delimited by the delimiter specified in the "delimiter" field



The Alert Filters section lets you specify additional criteria for the alert's query according to the product type and document type

Field

Description

Applicable Product Type

Field

Description

Applicable Product Type

Device

Which DataPower devices the alert's query should check

Gateway/API-C

Domain

Which DataPower domains the alert's query should check

Gateway/API-C

Client IP

Which Client IP’s the alert's query should check

Gateway/API-C

Service

Which DataPower services the alert's query should check

Gateway

Catalog

Which API-C catalog names the alert's query should check

API-C

Space

Which API-C space names the alert's query should check

API-C

Product

Which API-C product names the alert's query should check

API-C

Plan

Which API-C plan names the alert's query should check

API-C

API Name

Which API-C names the alert's query should check

API-C

API Version

Which API-C versions the alert's query should check

API-C

App Name

Which API-C names the alert's query should check

API-C



Copyright © 2015 MonTier Software (2015) Ltd.