Hi,
I have been working with Kapacitor to to alert when we stop receiving data, I tried using stream but had memory and stability issues I think because the period was so long. I changed to using batch using the tick script below.
The alerting is working but when the data is written back to influxdb for the dashboard the time is the time of the last measurement which doesn’t change when the alert changes from warn to crit so the dashboard is unable to show the correct status.
Does anyone have any idea if its possible to do what want?
// A nanoseconds
var nano_second = 1000000000
var nano_hour = 60 * 60 * nano_second
// 36 hours
var warn = 36 * nano_hour
// 48 hours
var crit = 48 * nano_hour
var period = 72h
var every = 1m
// Dataframe
var data = batch
|query('''SELECT last("count") AS "value" FROM "trp"."autogen"."integration"
WHERE ("type" = 'member' OR "type" = 'subscription') ''')
.groupBy('host', 'rem_chain_id', 'type')
.period(period)
.every(every)
// Thresholds
var alert = data
|eval(lambda: unixNano(now()) - unixNano("time"))
.as('diff_value')
|alert()
.id('{{ index .Tags "host"}}-integration-{{ index .Tags "type"}}-{{ index .Tags "rem_chain_id"}}')
.message('{{ index .Tags "host"}} - INTEGRATION {{ .Level }} - {{ index .Tags "rem_chain_id"}} - {{ index .Tags "type" }}')
.warn(lambda: "diff_value" > warn)
.crit(lambda: "diff_value" > crit)
.idTag('id')
.levelTag('level')
.messageField('message')
.stateChangesOnly(48h)
.slack()
.workspace('test')
