US
Canada I do notice a difference in the amount of messages being processed by each node.
Canada (the slow one) has less rules but around 94,491 messages in the past 12 hours vs the US which is only getting 37,981 messages in the past 12 hours. The US does have 2000 or so rules where Canada only has 900. The weird thing is that the UI for both shows the jobs refreshing every minute.
The freshness data is based off of a check you guys helped me put together which seems to be working great. I did change it a little bit to be called with the check_mk agent we are using. Do you guys think that the ammount of traffic its receiving is effecting how long it takes these alerts to run? its quite a difference by a factor of 10 or so. Just looking for ideas.
Thank you guys.
Code: Select all
#!/bin/bash
latestalerttime=$(curl -s -XGET 'localhost:9200/nagioslogserver_log/_search?q=type:alert' -d '{
"query": {
"match_all": {}
},
"size": 1,
"sort": [
{
"created": {
"order": "desc"
}
}
]
}' | cut -d":" -f17 | cut -d"," -f1 | cut -c 1-10)
currenttime=$(date +%s)
#echo $latestalerttime
#echo $currenttime
#diff current time vs last alert runtime
diff=$(($currenttime - $latestalerttime))
if [ $diff -gt 300 ]; then
echo "2" " " "NagiosLogServerJobs" "Freshness=$diff" "All Jobs are Not Happy Freshness=$diff"
else
echo "0" " " "NagiosLogServerJobs" "Freshness=$diff" "All Jobs are Happy Freshness=$diff"
fi