Alert and events systems from v 3.1

pirona · August 21, 2019, 2:07pm

Hello,

I love the new alert system, which is way better than the old one, except the following points :

filter and aggregation : can I look for values between a maximum and a minimum ?
documentation : is it really up to date ?
notifications : how can i get a list of the usable variables in a template ? For instance : ${stream_url} doesn’t get me anything in

--- [Event Definition] ---------------------------
Title:                ${event_definition_title}
Description:          ${event_definition_description}
Type:                 ${event_definition_type}

--- [Stream] ---------------------------
Stream ID:            ${stream.id}
Stream:               ${stream_name}
${if stream_url}Stream Url: ${stream_url}${end}

--- [Event] --------------------------------------
Timestamp:            ${event.timestamp}
Message:              ${event.message}
Source:               ${event.source}
Key:                  ${event.key}
Priority:             ${event.priority}
Alert:                ${event.alert}
Timestamp Processing: ${event.timestamp}
Timerange Start:      ${event.timerange_start}
Timerange End:        ${event.timerange_end}
Fields:
${foreach event.fields field}  ${field.key}: ${field.value}
${end}
${if backlog}
--- [Backlog] ------------------------------------
Last messages accounting for this alert:
${foreach backlog message}
${message}
${end}
${end}

jan · August 22, 2019, 6:15am

filter and aggregation

When you can express that in a query - you can do that. Means the data must be stored as numbers and not as strings

documentation

it is not up to date currently. We are working on this and the changes should be available in the next days.

notifications

that will be part of the documentation

pirona · August 22, 2019, 7:21am

Thanks Jan !
Keep up the good work, Graylog is getting a really nice and mature solution.

pirona · August 27, 2019, 12:35pm

Hello,

I’m still having an issue with notifications.

None of the variables I’m trying from the page are working.
I’m asking again because I’ve seen some changes on the page.

Am I doing this wrong or is this page still a work in progress ?

Thanks ahead !

jan · August 27, 2019, 12:37pm

it is still work in progress - but should already give you some ideas.

system · September 10, 2019, 12:53pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Graylog 3.1 Alert Notification using Event Definition with Aggregation Graylog Central (peer support)	15	2849	January 5, 2020
How to make my email alerts more descriptive? Graylog Central (peer support)	5	5059	May 21, 2020
Email Alert Notification Graylog Central (peer support)	6	1160	August 3, 2020
Graylog 3.1.4 Alert Backlog Issue Graylog Central (peer support)	2	455	November 25, 2020
Alert Email Template link to the messages Graylog Add-ons	2	2333	April 10, 2018

Alert and events systems from v 3.1

Related topics