-
Notifications
You must be signed in to change notification settings - Fork 1
/
alerts-trigger_tab.html
328 lines (305 loc) · 14.4 KB
/
alerts-trigger_tab.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
<!DOCTYPE html >
<html lang="en">
<head>
<title> Logscape Documentation </title>
<script src="js/kiss.js"> </script>
<link href="css/bootstrap.min.css" rel="stylesheet"/>
<link href="css/style.css" rel="stylesheet"/>
<!--link(href="css/font-awesome-4.0.3/css/font-awesome.min.css",rel="stylesheet")-->
<link href="css/style-app.css" rel="stylesheet"/>
<link href="css/app.css" rel="stylesheet"/>
<link href="//vjs.zencdn.net/4.9/video-js.css" rel="stylesheet"/>
<script src="//vjs.zencdn.net/4.9/video.js"></script>
<script src="js/jquery-1.11.0.js"></script>
<script src="js/bootstrap.min.js"></script>
<script src="js/navigation.js"></script>
<script>
function googleTranslateElementInit() {
new google.translate.TranslateElement({pageLanguage: 'en', layout: google.translate.TranslateElement.InlineLayout.SIMPLE}, 'google_translate_element');
}
</script>
<script src="//translate.google.com/translate_a/element.js?cb=googleTranslateElementInit"></script>
<script>
var breadcrumbs={
"gettingstarted":"Getting Started"
,"searching":"Search"
,"kv":"Data Discovery"
,"offsets":"Using Offsets"
,"geoip":"Geo IP"
,"pattern":"Using Search Patterns"
,"video":"tutorials"
,"overlays":"Overlaying Searches"
,"starthere":""
,"ds":"Data Sources"
,"add":" Add a New Data Source"
,"multitags":" Using Multi-Tags"
,"syslog":" Connect Syslog Clients"
,"tags": " Sources and Tags"
,"intelligent_field_discovery":" Intelligent Field Discovery"
,"types":"Data Types"
,"system_fields":"System Fields"
,"deploy":"Deployment"
,"app":" Logscape Apps"
,"agents": "Agents "
,"architectures_default": " Default Deployment"
,"architectures_failover": "Failover"
,"architectures_indexstores": " Index Stores"
,"architectures_tenured":"Tenured Data"
,"architectures_zones":" Zones"
,"Backup": "Backup"
,"home":" The Home Workspace"
,"import":" Restoring from Backup"
,"partial": " Selective Import"
,"arch_zoning":"Distributed Topology"
,"arch_clm":"Centralized Monitoring Topology"
,"arch_indexstores":"Multiple Index Store Topology"
,"rawtcpserver": "Tcp Server"
,"syslogserer":"Syslog Server"
,"centralconfigs":"Centralized Configuration"
,"boot_properties":"Boot Properties"
,"users":"Users"
,"datagroups": "Data Groups"
,"nested": "Nested Groups"
,"faq":"Frequently Asked Questions"
,"ldap":"Active Directory"
};
$(window).load(function(){
function genLink(arr,idx){
if (idx<0) { return "/"; }
var l="/"
for(i=0;i<=idx;i++){
l=l + arr[i] + "-" ;
}
return l.substring(0,l.length-1) + ".html";
}
function upperFirst(string){
return string.charAt(0).toUpperCase() + string.slice(1);
}
function renderCrumbs(page){
//console.log("rendering breadcrumbs for page:" + page)
if (page.indexOf("-") < 0){
//console.log("<a href='/index.html'> Home </a> > <a href=" + page + ".html>" + page);
return ("<a href='/index.html'> Home </a> > <a href=" + page + ".html>" + upperFirst(page));
}
var parts=page.split("-");
var idx=0;
//console.log("rendering " + parts);
var html="<a href='"+genLink(parts,-1)+"'> Home </a>";
for(idx=0;idx<parts.length;idx++){
k=parts[idx];
html=html + "<a href="+ genLink(parts,idx) + ">";
if (breadcrumbs.hasOwnProperty(k)){
html=html + " >> " + breadcrumbs[k];
}else{
//console.log("nathen - " + k[0]);
html=html + " >> " + upperFirst(k.replace(/_/g, ' '));
}
//console.log(".");
}
//console.log("this far!!!");
return html
}
var elems=window.location.href.split('?')[0].split('/');
var currentPage=elems[elems.length-1].split('.')[0]
//console.log("crumb>" + renderCrumbs(currentPage));
$('#widget-bc').html(renderCrumbs(currentPage));
});
</script>
<script>
var blogFeed;
function parseRSS(url, callback) {
$.ajax({
url: document.location.protocol + '//ajax.googleapis.com/ajax/services/feed/load?v=1.0&num=10&callback=?&q=' + encodeURIComponent(url),
dataType: 'json',
success: function(data) {
callback(data.responseData.feed);
}});
}
$(window).load(function() {
parseRSS("http://blog.logscape.com/feed",function(feed){
var num = feed.entries.length;
for(i=0;i< num;i++){
var title=feed.entries[i].title;
//var link=feed.entries[i].
link=feed.entries[i].link;
$(".resource-list ul").append("<li><a href='"+link+"'>"+title+"</a> </li>")
blogFeed=feed;
}
});
});
</script>
<script>
$(window).bind("pageshow",function(){
var $form= $("form")[0];
$form.reset();
});
</script>
<script>
function submit_form(){
var q=$("#searchBox").val()
q=encodeURIComponent(q)
var query="https://www.google.com/?gws_rd=cr&q=site:logscape.github.io+#q=site:logscape.github.io+"+q
var location = window.location.href;
console.log("back:" + location);
history.pushState({},"",location);
window.location.replace(query);
}
</script>
</head>
<body>
<div style="width:100%;height:85px;background-color:#2980B9;">
<!--div
a(href="/") Documentation
a(href="") Forums |
a(href="") Getting Started |
a(href="") Logscape |
-->
<div style="padding-left:100px;padding-top:25px"><a href="/index.html"> <img src="images/logscapeSupport.png" style="height:45px"/></a>
<div style="float:right" class="col-md-3">
<form id="cse-search-box" action="" style="position:right;padding-top:5px;padding-bottom:5px" onSubmit="submit_form()">
<input type="hidden" name="cx" value="015161349156186070243:ktxh8djpql8"/>
<input type="hidden" name="ie" value="UTF-8"/>
<input id="searchBox" type="text" name="q" size="31" style="margin-left:15px"/>
<input id="cseSubmit" type="submit" value=" " class="btn-search"/>
</form>
</div>
</div>
</div>
<div id="navdiv" style="width:100%;height:40px;background-color:#373737;box-shadow: 0 0 2px #999;color:white;">
<div style="padding-left:70px;padding-top:10px"><a href="/Cloud-Introduction.html">Cloud | </a><a href="http://blog.logscape.com/dwqa-questions/">Forums | </a><a href="/apps.html">Apps | </a><a href="http://www.logscape.com">Logscape.com </a>
<div id="google_translate_element" class="float-right display-inline"></div><img style="height:0;width:0" src="http://logscape.com/images/track.png?version=support"/>
</div>
</div>
<!--.container-fluid.navbar(style="min-height:30px;margin-bottom:5px;")
.row(style="height:5px")
.row
.col-md-8
.col-md-1
-->
<div class="container-fluid">
<!--.row
.col-md-7
form#cse-search-box(action="",style="position:right;padding-top:5px;padding-bottom:5px",onSubmit="submit_form()")
a(href="/")
img(src="images/logo.png",style="padding-top:0px,padding-right:15px",width="150")
input(type="hidden",name="cx",value="partner-pub-2789521296837340:9402765321")
input(type="hidden",name="ie",value="UTF-8")
input#searchBox(type="text",name="q",size="31",style="margin-left:15px")
input.btn-search#cseSubmit(type="submit",value=" ")
a(href="http://apps.logscape.com") Apps |
a(href="http://support.liquidlabs.co.uk") Release 1.3 |
a(href="http://logscape.activeboard.com/") Forums |
a(href="gettingstarted.html") Getting Started
-->
<div class="row">
<div class="col-md-2"></div>
<div class="col-md-5">
<div id="widget-bc" padding-left:150px="padding-left:150px" class="breadcrumbs style"> </div>
</div>
</div>
<div class="row">
<div class="col-md-2 nav-padding">
<ul class="nav nav-tabs nav-stacked"></ul>
<!--ul.nav.nav-tabs.nav-stacked
li
a(href="searching.html")▶ Search
li
a(href="workspaces.html")▶ WorkSpaces
ul
li
a(href="ds.html")▶ Data Sources
li
a(href="types.html")▶ Data Types
li
a(href="deploy.html")▶ Deployment
li
a(href="users.html")▶ Users
li
a(href="alerts.html")▶ Alerts
li
a(href="technology.html")▶ Technology
li
a(href="release-notes.html") Release Notes
li
a.twitter-follow-button(href="https://twitter.com/logscape",data-show-count="false",data-size="large") Follow @logscape
script.
=!function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0],p=/^http:/.test(d.location)?'http':'https';if(!d.getElementById(id)){js=d.createElement(s);js.id=id;js.src=p+'://platform.twitter.com/widgets.js';fjs.parentNode.insertBefore(js,fjs);}}(document, 'script', 'twitter-wjs');
-->
<div style="padding-left:50px">
<h4>Articles </h4>
</div>
<hr/>
<div class="resource-list">
<ul style="list-style:none;padding-left:10px;background-color:#FFFEE7"> </ul>
</div>
</div>
<div class="col-md-9 content-area">
<div class="container-fluid">
<div class="row">
<div class="col-md-8">
<h3>Trigger Tab </h3>
<p>These settings define the trigger conditions for an alert. When the trigger condition is met, the alert is fired and any configured alert actions are executed. </p><strong> Numeric Trigger Condition </strong>
<p>This is the minimum number of events required to trigger the alert. In the example below, if the search returns 3 events or more then the alert is triggered. </p>
<div class="image"> <img src="images/alerts-numericform.png"/></div>
<p>In this example, the alert will fire when 3 valid events are discovered by the trigger search. </p><strong> Expression</strong>
<p>A search expression can be used as a trigger condition for the alert. Any of the fields available from the search that evaluate to true or false can be entered in this field. The example below shows a cpu based search. </p>
<div class="image"><img src="images/alerts-expressionform.png"/></div>
<p>The alert will trigger when the cpu field value is greater than 80%.</p><strong>Correlatation</strong>
<p>Correlated events are used to study a time window for a sequence of values, or average. While correlated events can be used on almost any form of data, they’re at their best when dealing with data such as audit or webserver logs due to the nature of key value pair error codes, but they will excel in any environment that makes use of error messages or codes.</p>
<p>Correlation events have the following fields</p>
<blockquote>Time Window - The window in seconds to look for your event value<br/>Type - Sequence or Average<br/>Event Value - The sequence(comma seperated or average value to look for)<br/>Correlation Field - The field to check<br/>Correlation Key - Additional field, Allows you to group values, i.e _host, would mean all values would need to be from one host</blockquote>
<div class="image"><img src="images/alerts-correlated.png"/></div>
<p>Specifying your type as sequence means that the event must occur N times in a row, without another event inbetween, using the correlation field it is possible to group the events, by for example host, meaning N events in a row must originate from the same host, and events from other hosts will not infringe upon this, When choosing sequence, the values to look for must be added to the event value field and seperated by comma's. Choosing avg will simply average the value over the duration of your capture period.</p>
</div>
</div>
<div class="row">
<div class="col-md-11"><br/><br/><br/>
<div id="disqus_thread">
<script>
/* * * CONFIGURATION VARIABLES: EDIT BEFORE PASTING INTO YOUR WEBPAGE * * */
var disqus_shortname = 'logscape'; // required: replace example with your forum shortname
/* * * DON'T EDIT BELOW THIS LINE * * */
(function() {
var dsq = document.createElement('script'); dsq.type = 'text/javascript'; dsq.async = true;
dsq.src = '//' + disqus_shortname + '.disqus.com/embed.js';
(document.getElementsByTagName('head')[0] || document.getElementsByTagName('body')[0]).appendChild(dsq);
})();
</script>
</div>
</div>
</div>
</div>
</div>
</div>
<!--
hr.dark
.col-md-3
Logscape Copyright 2014(c) Registered Trademark
-->
</div>
<script>
$( document ).ready(function() {
$("#cseSubmit").on("click",function(e){
e.preventDefault();
submit_form();
});
$("#searchBox").on("keypress",function(e){
if (e.keyCode == 13) {
e.preventDefault();
submit_form()
}
});
});
</script>
<script>
(function(g,i,a,n,t,s){g['SeeYourVisitors']=n;g[n]=g[n]||function(){
(g[n].q=g[n].q||[]).push(arguments)},g[n].l=1*new Date();t=i.createElement(a),
s=i.getElementsByTagName(a)[0];t.async=1;t.src='//seeyourvisitors2.appspot.com/gg.js';
s.parentNode.insertBefore(t,s)})(window,document,'script','gg');
gg('create', 'd1a8b082-8806-4793-936f-35f5e41b3592');
gg('track');
</script>
<script src="js/ga.js"> </script>
</body>
</html>