m_mlk
November 17, 2022, 2:00pm
1. Describe your incident:
We have defined an alert based on an event.
The filter we use yields several results and that is fine.
The notification tab is configured to have a “Grace Period = 0” and “Message Backlog = 50” (at least for now).
However, instead of getting 1 single email with a backlog of up to 50 error messages, I receive 1 email per message line… not cool.
2. Describe your environment:
OS Information: Ubuntu 20.04 LTS
Package Version: GL 4.3.9 + OpenSearch 1.3.3
Service logs, configurations, and environment variables:
3. What steps have you already taken to try and solve the problem?
I found several posts about the same subject but they weren’t answered:
Hi,
I am using Graylog for syslog monitoring.
I have a situation where I need to configure an alert for, say, Event-A, where I should alert (through email) only the FIRST syslog message from source-A and ignore the rest of the messages from source-A for Event-A until I see a discontinuity (no messages for 1 minute). For this Event-A, I will get only 2 messages for 1 min. It is also acceptable to have 2 emails for the initial 2 messages.
I have tried alert aggregation by source with the threshol…
Hi All,
Our developer team is setting the application retry time = 0.
That means if the error occurs, we will receive so many alert mails.
Is there any function that can aggregate to one mail or filter the same alert?
I have messages from AWS CloudTrail to Graylog2. Now CloudTrail sends data every 7-10 min only.
Now if I use either Alert Field Aggregate or directly the Aggregate plugin, both look for the message as (t - 10min) etc., i.e. (current time - provided time in Interval field).
So when I give any time less than 10 min then I won’t even get any alert, but if I give 15 min I get an alert, but this alert generates only after 15 min. So every half hour it works only 2 times.
Instead is there any…
and Search results for 'alert aggregation' - Graylog Community
4. How can the community help?
How do you guys make it work?
Thanks!
There is a good explanation in one of the threads you listed:
Hi All,
Our developer team is setting the application retry time = 0.
That means if the error occurs, we will receive so many alert mails.
Is there any function that can aggregate to one mail or filter the same alert?
m_mlk
November 18, 2022, 10:23am
system
(system)
Closed
December 2, 2022, 10:24am
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.