Kapacitor stream / batch

InfluxDB 1 Kapacitor
1

Hello Team, i have created my alert under kapacitor.
Now i can set my alert for Disk , memory and CPU on slack and log function() . I was able to edit my alert in chronograf but only in Stream mode .
so far so good i can edit the alert and update the TICKscript variable.
now i faced a issue ti have updated my SQL and the alert was not triggered in batch mode and idon’t know why .
i’m pretty confused about the TICKScript language.
here my config:

ar db = 'sys_metrics'

var rp = 'one_month'

var measurement = 'cpu'

var groupBy = ['host']

var whereFilter = lambda: ("cpu" == 'cpu-total') AND isPresent("usage_idle")

var name = 'CPU alert'

var idVar = name

var message = 'ttt'

var idTag = 'alertID'

var levelTag = 'level'

var messageField = 'message'

var durationField = 'duration'

var outputDB = 'chronograf'

var outputRP = 'autogen'

var outputMeasurement = 'alerts'

var triggerType = 'threshold'

var crit = 80

var period = 10s

var every = 10s

// A circular rewrite
var data = batch
    |query(''' SELECT 100 + mean(usage_idle)*-1 AS stat  FROM "sys_metrics"."one_month"."cpu" WHERE cpu = 'cpu-total' ''')
        .period(period)
        .every(every)
        .groupBy('host')
    |eval(lambda: "stat")
        .as('value')

var trigger = data
    |alert()
        .crit(lambda: "value" > crit)
        .message(message)
        .id(idVar)
        .idTag(idTag)
        .levelTag(levelTag)
        .messageField(messageField)
        .durationField(durationField)
        .log('/tmp/CPU_Alert.log')

trigger
    |eval(lambda: float("value"))
        .as('value')
        .keep()
    |influxDBOut()
        .create()
        .database(outputDB)
        .retentionPolicy(outputRP)
        .measurement(outputMeasurement)
        .tag('alertName', name)
        .tag('triggerType', triggerType)

trigger
    |httpOut('output')
2

Hi @Julien_BRUNET

As to why, I’m not sure, it could be you’re running in to a race condition if your batch doesn’t finish in time or your aggregated values don’t exceed your threshold.

You can use


 kapacitor watch taskname

This should show you what our batch script is doing. If you see entries for “starting batch task”…“finished batch task” then your scirpt is querying fine (the wording might be different, can’t quite remember).

You can also try kapacitor show taskname that will show you the “flow” of the script, in there you will be able to see if there are any errors with the script itself (missiing field, field type mismatch etc).if you see errors on one of the nodes, then sudo tail -f /var/log/kapacitor/kapacitor.log | grep "taskname" will show you why it is failing (if it is).

Can i ask, is there a reason you are using a batch task to generate alerts? Personally I use stream tasks for alerts and batch tasks to down sample my data.
Personally, i would build this as a stream task. If you want to alert on a set time frame of data you can use the |window() node in your script.

Hope that helps a little, I’ll be back online tomorrow so let me know if you have any luck.

1 Like