Get conditions from different nodes to trigger alert

InfluxDB 1 Kapacitor
,
1

Hi all,

here’s the case I’m trying to implement:
I have two different measurements, and when the value in both measurements remains above a given threshold, for more than 20 seconds, send an alert.
So, for example, if measurement_1 is above 0.1 and measurement_2 above 1.0, both for 20 seconds, or more, send an alert. So I came up with this:

var cpu_stuff = stream
    |from()
        .database('telegraf')
        .retentionPolicy('autogen')
        .measurement('cpu')
        .groupBy(*)
    |stateDuration(lambda: "usage_user" >= 0.1)
        .as('cpu_dur')

var other_stuff = stream
    |from()
        .database('telegraf')
        .retentionPolicy('autogen')
        .measurement('influxdb_database')
    |where(lambda: "database" == 'telegraf')
    |stateDuration(lambda: "numSeries" >= 1.0)
        .as('numSeries_dur')

var third_one = cpu_stuff
    |join(other_stuff)
        .as('cpu_q', 'other_q')
        .tolerance(20s)
        .streamName('multi_stuff')
    |eval(lambda: "cpu_q.cpu_dur" > 20 AND "other_q.numSeries_dur" > 20)
        .as('both_conditions')
    |alert()
        .message('cpu_q:{{ index .Fields "cpu_q.cpu_dur" }} other_q:{{ index .Fields "other_q.numSeries_dur" }}')
        .warn(lambda: "both_conditions" == TRUE)
        .slack()

But nothing is being sent, does anybody know what I’m doing wrong here?

2

I think alert needs a crit, warn or info parameter.

You can use .crit(lambda: TRUE) to trigger on all points.

3

I tried that as well, but something seems to be wrong with the way I join both streams.

4

Hi,

If you try to do the eval over each one separately, saving .as condition1 and condition2, and also the true check on the warn property twice (both true) is working?

Is just check if the whole sentence comparison is not well evaluated!

If neither works, debug with log() and ser whats going under…