Alert definitions are a streamlined and centralized mechanism to alert on collected metric data. After alert thresholds are configured, alerts are generated.
To create an alert definition:
- Go to Infrastructure > Logs.
- On the left side of this page, click the Menu icon.
- From the MY LOGS VIEWS page, under QUICK LINKS, select Logs Configuration.The configuration page is displayed.
- From the configurations page, select the ALERTING tab.The alert details page is displayed.
- Click Add.
- Enter the following details:
Field | Description |
---|---|
Name | Name of the alert. |
LOGQL | Filter the logs for which you want to apply the alert definition. |
GROUP BY | This option gives you the flexibility to identify the resources based on specific properties.Below are the few recommendations to use in GROUP BY option to map the log alerts to resources:
|
Alert on no data | Select if you want an alert when no data is passed in the log. |
Alert Severity | Severity of the alert.
|
Operator | Select the operator from the drop-down.
|
Count | Specify the count.For example, if you specify the count as 10 and operator as > , an alert will be sent if more than 10 logs have been created. |
Duration | Specify the duration.For example, if you specify the duration as 60 seconds, count as 10, and operator as > , an alert will be sent if more than 10 logs have been created within 60 seconds. |
Alert on Heal | This option is applicable to heal critical and warning alerts. You can heal the alerts based on below conditions:
|
Subject | Enter the subject. |
Description | Enter the description for the alert definition. |
- Click ADD DEFINITION.The alert definition is created.
Or, you can also edit an existing alert definition from the alerting page and then modify the alert definition.
Delete an Alert Definition
- Go to Infrastructure > Logs.
- On the left side of this page, click the Menu icon.
- From the MY LOGS VIEWS page, under QUICK LINKS, select Logs Configuration.The configuration page is displayed.
- From the configurations page, select the ALERTING tab.The alert details page is displayed.
- Select an alert definition.
- Click Remove.The selected alert definition is deleted.