Creating % based alerts with elastalert - elasticsearch

Currently with rule type Frequency (or any other), we can configure count based alerts.
Ex. if Error=404 occurs more than 5 times in the last 1 hour.
But I want to configure % based alerts and not count based alerts.
Ex. if Error=404 goes beyond 10% in the last 1 hour.
Is it possible to configure such an alert?

ElastAlert allows anyone to create their own rules. So you can inspire yourself from what the frequency rule does and create a new one that works on percentage instead.
In your case, instead of creating a new rule you could simply subclass FrequencyRule and modify the behavior to fit your needs.
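One way to implement the percentage check as a custom rule type, added here as an example and not taken from ElastAlert or from the answer: it subclasses RuleType directly (rather than FrequencyRule) and keeps a sliding window of all events so it can compute the share that are 404s. The option names field, value, max_percent and min_events are assumptions of this example, and the stand-in base class exists only so the block runs without ElastAlert installed.

```python
from collections import deque
from datetime import datetime, timedelta

try:
    from elastalert.ruletypes import RuleType
except ImportError:  # stand-in so the example runs without ElastAlert installed
    class RuleType(object):
        def __init__(self, rules, args=None):
            self.rules, self.matches = rules, []

        def add_match(self, event):
            self.matches.append(event)


class PercentageRule(RuleType):
    """Match when events with field == value exceed max_percent of all events in timeframe."""
    # Option names below are this example's own, not ElastAlert settings.
    required_options = frozenset(["field", "value", "max_percent"])

    def __init__(self, *args, **kwargs):
        super(PercentageRule, self).__init__(*args, **kwargs)
        self.window = deque()  # (timestamp, is_hit) pairs, oldest first

    def add_data(self, data):
        ts_field = self.rules.get("timestamp_field", "@timestamp")
        for event in data:
            hit = event.get(self.rules["field"]) == self.rules["value"]
            self.window.append((event[ts_field], hit))
            self.garbage_collect(event[ts_field])
            total = len(self.window)
            pct = 100.0 * sum(h for _, h in self.window) / total
            # min_events avoids alerting on "1 of 1 = 100%" in a near-empty window
            if total >= self.rules.get("min_events", 1) and pct > self.rules["max_percent"]:
                self.add_match(dict(event, percentage=pct))
                self.window.clear()  # start a fresh window after alerting

    def garbage_collect(self, timestamp):
        # Drop events older than the rule's timeframe (a timedelta)
        while self.window and timestamp - self.window[0][0] > self.rules["timeframe"]:
            self.window.popleft()


def demo():
    """Constructed input: one event per minute, two 404s among twenty responses."""
    rule = PercentageRule({"field": "status", "value": 404, "max_percent": 10,
                           "min_events": 10, "timeframe": timedelta(hours=1),
                           "timestamp_field": "@timestamp"})
    start = datetime(2024, 1, 1, 12, 0)
    rule.add_data([{"@timestamp": start + timedelta(minutes=i),
                    "status": 404 if i in (9, 15) else 200} for i in range(20)])
    return rule.matches
```

The rule's filter has to match every response, not only the 404s, because the denominator is the total number of events in the window.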

Related

View the existing ignore rules in Sentry

Sentry has the ability to set up a rule to ignore errors for a certain duration (1 day) or occurrence (< 10 times). I would like the ability to see these rules, is there a UI or programmatic way to access these? For example, here is the UI to create an ignore rule.
This is visible in the Activity tab in the issue detail.
For example, ignoring an issue:
Or ignoring if it happens N times:
Not sure there's a specific API to get this. That said, you can see what APIs the front end uses, and just call those.

How to properly create Prometheus metrics with unique field

I have a system that regularly downloads files and parses them. However, sometimes something might go wrong with the parsing and I have the task to create a Prometheus alert for when a certain file fails. My initial idea is to create a custom counter alert in Prometheus - something like processed_files_total and use status as label because if the file fails it has FAILED status and if it succeeds - SUCCESS, so supposedly the alert should look like increase(processed_files_total{status="FAILED"}[24h]) > 0 and I hope that this will alert me in case there is at least 1 file with failed status.
The problem comes from the fact that I also want to have the exact filename in the alert message and since each file has a unique name I'm almost sure that it is not a good idea to put it as label e.g. filename={filename} - According to Prometheus docs -
"Do not use labels to store dimensions with high cardinality (many different label values), such as user IDs, email addresses, or other unbounded sets of values."
Is there any other way I can achieve getting the filename from the alert or is this the way to go?
It's a good question.
I think the correct answer is that the alert should notify you that something failed and the resolution is to go to the app's logs to identify the specific file(s) that failed.
Lightning won't strike you for using the filename as a label value in Prometheus if you really must but, I think, as you are, using an unbounded value should give you pause as to whether you're abusing the tool.
Metrics seem intrinsically (hunch) about monitoring aggregate state (an unusual number of files are failing) rather than specific (why did this one fail); logs and tracing tools help with the specific cases.

Run ElastAlert only during certain times

We are using ElastAlert for alerting on Elasticsearch data, and we have a bunch of rules. Now, some of those rules only make sense to run within business hours (like weekdays) and we would like to define the periods when the rule should run as part of the rule itself.
We would like to know if ElastAlert itself has this feature, or if there is something that we can do to implement this feature on our side.
There is a beta feature for this already, which supports cron syntax to define when the rule should run: https://github.com/Yelp/elastalert/issues/492#issuecomment-438024625
Another workaround is using Enhancements, a way of injecting custom code in ElastAlert, which runs for every match. In the enhancement, you could essentially check if the time corresponds to non-business hours and drop the match in that case.
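The enhancement workaround described above, written out as an added example (not code from ElastAlert or from the answer): it raises DropMatchException for matches outside Monday to Friday business hours, evaluated in UTC. The rule options business_start and business_end are hypothetical names introduced here, and the stand-in classes exist only so the block runs without ElastAlert installed.

```python
from datetime import datetime, time, timezone

try:
    from elastalert.enhancements import BaseEnhancement, DropMatchException
except ImportError:  # stand-ins so the example runs without ElastAlert installed
    class DropMatchException(Exception):
        pass

    class BaseEnhancement(object):
        def __init__(self, rule):
            self.rule = rule


class BusinessHoursOnly(BaseEnhancement):
    """Drop matches that fall outside Mon-Fri business hours (evaluated in UTC)."""

    def process(self, match):
        ts = match[self.rule.get("timestamp_field", "@timestamp")]
        if isinstance(ts, str):  # match timestamps normally arrive as ISO 8601 strings
            ts = datetime.fromisoformat(ts.replace("Z", "+00:00"))
        if ts.tzinfo is None:  # treat naive timestamps as UTC
            ts = ts.replace(tzinfo=timezone.utc)
        ts = ts.astimezone(timezone.utc)
        # business_start / business_end are hypothetical rule options of this example
        start = time.fromisoformat(self.rule.get("business_start", "09:00"))
        end = time.fromisoformat(self.rule.get("business_end", "17:00"))
        if ts.weekday() >= 5 or not (start <= ts.time() < end):
            raise DropMatchException()


def kept_matches(rule, matches):
    """Run the enhancement over matches and return the ones that were not dropped."""
    enhancement, kept = BusinessHoursOnly(rule), []
    for match in matches:
        try:
            enhancement.process(match)
            kept.append(match)
        except DropMatchException:
            pass
    return kept


# Constructed sample matches: Monday morning, Monday night, Saturday morning
SAMPLE = [{"@timestamp": "2019-01-07T10:30:00Z", "status": 404},
          {"@timestamp": "2019-01-07T22:00:00Z", "status": 404},
          {"@timestamp": "2019-01-05T11:00:00Z", "status": 404}]
```

In a rule file the class is enabled through the match_enhancements option, which lists the module path of each enhancement class.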

AnyLogic-how to randomly select agents in a particular state

I am new to AnyLogic. I need help on the following issue.
I would like to randomly select agents in a specific state. I would like to set up a parameter for the # of agents selected. For example, I would like to have a random sample of 10 people in illness state. I want to make the # of selection flexible, so I would like to use a parameter to set the # of random sample size, as well.
My vision is to have a slider to change the sample size in Main. I also set up a population called Patient and that will have a state chart that includes a health state and an ill state. Among those who are in the ill state, I would like to sample randomly with the number given by the parameter.
Would anyone help me with this?
I would try to make a list of individuals in the State you wanna select and then do a for loop to get the index of X individuals from that List. Where X is how many times the for loop will be executed and can be user-defined.

What is the difference between startDate and a filter on "published" in the Okta Events API?

I've written a .NET app using the Okta.Core.Client 0.2.9 SDK to pull events from our organization's syslog for import into another system. We've got it running every 5 minutes, pulling events published since the last event received in the previous run.
We're seeing delays on some events showing up. If I do a manual run at the top of the hour for the previous hour's data, it'll include more rows than the 5-minute runs. While trying to figure out why I remembered the startDate param, mutually-exclusive with the filter one I've been using.
The docs don't mention much about it - just that it "Specifies the timestamp to list events after". Does it work the same as published gt "some-date"? We're capturing data for chunks of time, so I needed to include a "less than" filter and ignored startDate. But the delayed events have me looking for a workaround.
Are you facing delayed results using startDate or filter?
Yes, published gt "some-date" and startDate work the same way. The following two API calls
/api/v1/events?limit=100&startDate=2016-07-06T00:00:00.000Z
and
/api/v1/events?limit=100&filter=published gt "2016-07-06T00:00:00.000Z"
return the same result. Since they are mutually exclusive, filter might come in handy in creating more specific queries including the other query parameters in your query using filter.
