Issues to send alerts to msteams and retrieve data from query

InfluxDB 2
1

Hi,

I am trying to create a task to send alerts to msteams but this is not working and I am having a hard time to figure it out the reason.
I have the following script

import "contrib/sranka/teams"

option task = {name: "Status Check", every: 1m}

data = from(bucket: "telegraf-unstable")
  |> range(start: -1m)
  |> filter(fn: (r) => r["_measurement"] == "fccstatus" and r["_field"] == "status" and r["_value"] < 1)

data
  |> group(columns: ["host"])
  |> map(fn: (r) => ({
      _time: r._time,
      _value: r._value,
      host: r.host,
      title: "FCC Status",
      text: "FCC ${r.host} status is Down",
      summary: "FCC status is ${r._value}",
    }))
  |> yield(name: "status_below_1")
  |> map(fn: (r) => teams.message(
    url: "https://myteams-webhook",
    title: r.title,
    text: r.text,
    summary: r.summary
))

this query should return all nodes with status down what means they have value=0 in the field status.
But I can’t even insert this query without influx just almost crash so I have tried to create a proper query using the alert option.

import "influxdata/influxdb/monitor"
import "influxdata/influxdb/v1"

data =
    from(bucket: "telegraf-unstable")
        |> range(start: -1m)
        |> filter(fn: (r) => r["_measurement"] == "fccstatus")
        |> filter(fn: (r) => r["_field"] == "status")
        |> aggregateWindow(every: 1m, fn: last, createEmpty: false)

option task = {name: "Name this Check", every: 1m, offset: 0s}

check = {_check_id: "0c037f01b7a1d000", _check_name: "Name this Check", _type: "threshold", tags: {}}
crit = (r) => r["status"] < 1.0
messageFn = (r) => "Check: ${ r._check_name } is: ${ r._level }"

data |> v1["fieldsAsCols"]() |> monitor["check"](data: check, messageFn: messageFn, crit: crit)

But this query fails everytime it says Completed(failed).

Any idea how I can just retrieve the nodes with status=0 and send the alert through teams for the nodes that are down?

Details:
Influxdb was deployed through the helm chart influxdb2
apiVersion: v2
appVersion: 2.3.0
name: influxdb2
description: A Helm chart for InfluxDB v2
home: InfluxDB | InfluxData
type: application
version: 2.1.1

Thank you
Best regatds

2

Hello @MrPeanultButter,
I recommend this approach to creating alert tasks rather than writing data from the _monitoring bucket:

I would just query for your data and alert if _value <1

Let me know if that helps! Thanks

3

Hi @Anaisdg thanks for the link and your suggestion I am trying to do this but I really don’t get this influx language.

import "array"
import "contrib/sranka/teams"

option task = {name: "testing", every: 1m, offset: 20s}

alert =
    (r) =>
        if r._value < 1 then
            teams.message(
                url: "myteams_webhook",
                title: "FCC Status",
                text: "An alert event has occurred! FCC \"${string(v: r._host)}\" is down.",
                summary: "critical",
            )
        else
            r._value

data =
    from(bucket: "telegraf-unstable")
        |> range(start: -1m)
        |> filter(fn: (r) => r._measurement == "fccstatus" and r._field == "status" and exists r._value)
        |> map(fn: (r) => alert(r))
        |> yield(name: "fcc")

else forces me to return an int but when the value is equal or greater than 1 yield tells me I need to return a table it seems.
I have tried to create a table but yield still complains.
Could you please help me to understand what am I doing wrong?

so basically if _value is not less than 1 I should return [_value] to satisfy yield, that’s what I think it expects.

Thank you.

4

I was able to solve the issue with the data type but still no alerts

import "array"
import "contrib/sranka/teams"

option task = {name: "testing", every: 3m, offset: 20s}

alert =
    (r) =>
        if r._value < 1 and exists r._host then
            teams.message(
                url:
                    "teams_webhook",
                title: "FCC Status",
                text: "An alert event has occurred! FCC \"${string(v: r._host)}\" is down.",
                summary: "critical",
            )
        else
            r._value

data =
    from(bucket: "telegraf-unstable")
        |> range(start: -1m)
        |> filter(
            fn: (r) => r._measurement == "fccstatus" and r._field == "status" and r._value == 0 and exists r._host,
        )
        |> map(fn: (r) => ({_value: alert(r)}))

data |> yield(name: "fcc")

Could it be the case I am not getting any record where value is 0? there are plenty of it in the last minute frame or there is something else am I missing?

5

ok I found the issue, tags are indexed without _(underscore) so I need to pass the tag value as r.tag and not r._tag.
Now it works.