Triggering alert if message is not sent during a certain time frame

erichert · July 16, 2018, 1:30pm

I’m looking for a way to use GrayLog to detect if a specific message is not sent within a time frame. The company I work for is currently trialing GrayLog, and we’re looking to see if this would be possible. Every night we have a reboot sequence for most of our core infrastructure, and we need to listen to see if the log entry stating that everything is okay was sent to GrayLog.

Please let me know if this would be possible with stock GrayLog or with any available public plugins. Alternatively, if it would be necessary to get a custom plugin developed for this instance.

jochen · July 16, 2018, 1:56pm

You could create a stream which only contains the success messages and create an alert condition which fires, if the message is missing within the last 24 hours.

http://docs.graylog.org/en/2.4/pages/streams.html
http://docs.graylog.org/en/2.4/pages/streams/alerts.html

system · July 30, 2018, 1:56pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to setup alerts when stream has not received log for a period of time Graylog Central (peer support)	2	1113	August 9, 2018
Events based on NOT receiving a message Graylog Central (peer support)	2	921	July 8, 2021
Event Defintion - Alert Trigger - check if message is true in the last 10 minutes Graylog Central (peer support)	4	352	April 23, 2020
GrayLog 5 and Alerts Graylog Central (peer support)	3	257	June 30, 2023
Graylog alerting per unique message Graylog Central (peer support) pipeline-rules , route-to-streampl	3	821	November 1, 2017

Triggering alert if message is not sent during a certain time frame

Related Topics