Hi All,
I am a beginner in Kapacitor and still want to see how to improve our Alert. I have one issue as I want to find a way to distinguish for instance 2 Crit/Info or Warn alert…
Acutally in our lambda row with have 2 possibility (with an OR) to create for instance a Critical alert. The first one is when the value is less than a trheshold and the other one, when then Sigma value is higher than a value.
When I sent the alert detail in Influxdb, I don’t find a way to have the information, Alert Critical (Threshold) or Alert Critical (Sigma Variance). Is it something that can be done?
Find below my code :
dbrp “core”.“15m”
// Parameters
var info = 0.9
var warn = 0.8
var crit = 0.7
var infoSig = 0.5
var warnSig = 1
var critSig = 1.5
var period = 1h
var every = 1m
var messageField='message’
var durationField = ‘duration’
// Dataframe
var data = batch
|query('''SELECT last("VS.Gmm_succPsPagingProcGb_G")/last("VS.Gmm_attPsPagingProcGb_G") AS PsPaging2GSuccRate FROM "core"."15m"."core_ps_mme"''')
.period(period)
.every(every)
.groupBy('dom')
// Thresholds
var alert = data
|eval(lambda: sigma("PsPaging2GSuccRate"))
.as('sigma')
.keep()
|alert()
.id('{{ .Name }}/{{ index .Tags "dom" }}')
.message('{{ .ID }} {{ .Level }} value:{{ index .Fields "PsPaging2GSuccRate" }}')
.info(lambda: "PsPaging2GSuccRate" < info OR "sigma" > infoSig)
.warn(lambda: "PsPaging2GSuccRate" < warn OR "sigma" > warnSig)
.crit(lambda: "PsPaging2GSuccRate" < crit OR "sigma" > critSig)
.StateChangesOnly()
.idTag('alertID')
.levelTag('level')
.durationField(durationField)
.messageField('message')
|influxDBOut()
.create()
.database('alerts')
.measurement('core_ps_mme')
.tag('name', 'PsPaging2GSuccRate')
Many thanks experts for your help.
Regards
