Page 1 of 1
Create Dashboard for Alerting if events drop over time
Posted: Tue Mar 21, 2017 2:43 am
by james.liew
Hi all,
Not sure if this is the right area of the forums but I've been looking for a way to create a dashboard(and subsequent alerting) that will send an email notification if the average events over a period of a week, a day etc drops off suddenly from 10000 events to 100 events.
Would this be possible to do from Nagios?
Thanks!
Re: Create Dashboard for Alerting if events drop over time
Posted: Tue Mar 21, 2017 12:28 pm
by mcapra
The dashboard would be easy enough if you looked at the total record count over a lengthy time period; Just look for dips in the graph.
The automated alerting side of things is not currently possible, though such features are something we've explored/discussed. The issue is always not how to implement it, but rather how to present it in such a way that all users understand it's value and can get something out of it.
Alerts are only good for specific record counts currently. There's no logic to check averages over time, slopes of data sets, that sort of stuff.
Re: Create Dashboard for Alerting if events drop over time
Posted: Tue Mar 21, 2017 9:30 pm
by james.liew
Alerts are only good for specific record counts currently. There's no logic to check averages over time, slopes of data sets, that sort of stuff.
But these would be for specific record counts for logs I've setup in dashboard, correct? If I receive x amount of warnings or errors in Logserver.
E.g.
Filtering eventlogs of a specific type, like failed logins or process shutdown, etc on Windows.
Re: Create Dashboard for Alerting if events drop over time
Posted: Wed Mar 22, 2017 11:29 am
by mcapra
If you know what a healthy average would be, you can definitely configure the alert to fire if the count is
less than that value using colons on the thresholds.
For example, if I wanted an alert to be "warning" when the count falls below 400 and "critical" if it falls below 200:
2017_03_22_11_28_44_Alerting_Nagios_Log_Server.png
Re: Create Dashboard for Alerting if events drop over time
Posted: Thu Mar 23, 2017 3:52 am
by james.liew
Awesome, this looks like something I can do after all...
I can do it off the default dashboard and eyeball the count(if I go by a week or 30 day average, say). But I would need to change the check interval and lookback period to say, over a day or two.
Thanks!
Re: Create Dashboard for Alerting if events drop over time
Posted: Thu Mar 23, 2017 9:13 am
by cdienger
Glad we could point you in the right direction. Was there anything further we can help with or are we okay locking the thread?
Re: Create Dashboard for Alerting if events drop over time
Posted: Thu Mar 23, 2017 9:40 pm
by james.liew
Hi,
I'm ok to have the thread locked, will it be searchable for future review?
Re: Create Dashboard for Alerting if events drop over time
Posted: Fri Mar 24, 2017 8:58 am
by cdienger
It will remain available after being locked.