monitoringsplunksplunk-queryalerts
Splunk Alert - custom trigger condition - trigger alert if percentage failure increase by 1% in last 15 minutes
I am trying to send alerts if in last 15 minutes failureThreshold increases by 1%, Following is the Splunk query that returning percentage failureThreshold:
index=*apiGateway* Consumer=* ServiceName=creditcard.* host=*gateway* HTTPStatus=* earliest=-15m@s
| stats count as Total count(eval(HTTPStatus > 499)) as Failure
| eval failureThreshold=Failure*100/Total
| table failureThreshold
from Alert window - I am running this query after every 5 minutes and choose custom trigger condition, need suggestions how to check condition failureThreshold > 1
Solution
I've found it easier and more reliable to put the alert threshold in the search and have the alert trigger when the number of results is not zero.
index=*apiGateway* Consumer=* ServiceName=creditcard.* host=*gateway* HTTPStatus=* earliest=-15m@s
| stats count as Total count(eval(HTTPStatus > 499)) as Failure
| eval failureThreshold=Failure*100/Total
| where failureThreshold > 1
| table failureThreshold
- How to monitor number of syscalls executed by kernel?
- App Service Status Running with failed startup
- How can I monitor data on a serial port in Linux?
- ECS metric does not match EC2's
- Monitoring/Alert Rules Requirements for Azure Web Apps, Server Farm vs WebSite
- Prometheus service discovery with docker-compose
- How can I get a production server alert log in my Slack channel?, so that if there is a problem I will be notified as soon as possible
- What additional benefits can Sentry.IO provide over Application Insights for ASP.NET Core?
- How to monitor a complete directory tree for changes in Linux?
- How do I make my program watch for file modification in C++?
- How do you compute the performance impact of a eBPF probe?
- Increasing Prometheus storage retention
- How to monitor a Windows Service on an Azure VM?
- Cadvisor "mountpoint for cpu not found"
- Multiple email receivers in prometheus alertmanager "to" field
- How to reload prometheus config without restarting?
- Catch "nodes" interactions at RequestResponse level (K8s Audit Policy)
- message.embeds from discord.py library cant see embed from SD.C Monitoring bot
- PowerShell script to check the status of a URL
- Prometheus PromQL Rateinterval from midnight to now
- Need to monitor invalid objects from different DBLinks
- VictoriaMetrics (VM Agent) relable metrics pattern
- Is it possible to replicate Prometheus?
- Can the Slurm job statistics (from seff and sacct) be trusted?
- Filter input metrics in vmagent (prometheus)
- How to monitor a systemd service using telegraf?
- Context Deadline Exceeded - prometheus
- Retain Metric Values in Prometheus TSDB Across Application Restarts?
- Creating HTTP code 500 alert using Datadog monitoring multiple systems in the same alert
- why the static variable value is printed before the system start message in the output