Sideload exclude list for hosts with specific instances

Hello,

I am looking for a solution where we can create a much more advanced and complex exclusion list.
I was reading, and Sideload seems to be of help.

Please consider this simplified use case (for brevity only 3 hosts, but in production there are hundreds of hosts).

We got 3 Hosts:
Host_1
Host_2
Host_3

3 Target process to exclude from alerting:
Process_31
Process_42

Exclude Process_31 on Host_1 from alerting.
Exclude Process_42 on Host_2 from alerting.
Host_3 would alert on both.

Example of a Sideload Directories:

/usr/
└─new_sideload/
|
|_ process/
|_ Host_1.yml
|_ Host_2.yml

How to handle this in the yml file:
I could think of the following, but it does not work and alerts on all processes.

Host_1.yml:
  blacklist_proc: Process_42
Host_2.yml:
  blacklist_proc: Process31

Or

Host_1.yml:
  Process31: FALSE
Host_2.yml:
  Process_42

Would love to hear if anyone has any idea.

Hello @Ashish_Sikarwar,
I’m not sure. I’m passing this along to our Kapacitor experts.

Thank you @Anaisdg
Just out of curiosity, do you have any idea if this scenario can be handled in flux alerting?

Hello @Ashish_Sikarwar,
I’m not sure I completely understand what it is that you’re trying to achieve. Can you please break it down for me a little bit more?
Sideload is similar to csv.from() in Flux though.

Hello @Anaisdg,
Sure, let me break it down.

Our requirement was to create 1 alert per test which can also handle different conditions/thresholds for different hosts.

Example:
Assuming we have an alert for CPU consumption by .exe or processes like python.exe, chrome.exe, etc.
Client/Host A does not want to alert on Chrome.
Client/Host B wants to alert on Chrome but not on python.

Now I was able to make use of the following document and created host based thresholds.

Next Level: Where we can either use the same sideload or flux csv feature to create much more complex condition as mentioned above.

Also it does not look like we can use .csv to our advantage for creating and using alert thresholds?

Hello @Ashish_Sikarwar,
How do you mean? You can use csv.from() within your task and then use the information in the csv to craft your task for alerting.

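An added example (not from any post in this thread) of the csv.from() approach suggested above, applied to the Host_1/Host_2/Host_3 case from the first post. The CSV layout, the `host` and `process_name` column names, the `cpu_usage` values and the threshold of 80 are assumptions, and the sample rows are constructed.

```flux
import "array"
import "csv"

// Constructed exclusion list: one row per (host, process) pair to suppress.
// Host_3 has no rows, so it alerts on every process.
exclusionCsv = "host,process_name
Host_1,Process_31
Host_2,Process_42
"

// Flatten the list into an array of "host/process" keys.
// mode: "raw" reads a plain header row and treats every column as a string.
excluded = csv.from(csv: exclusionCsv, mode: "raw")
    |> map(fn: (r) => ({key: r.host + "/" + r.process_name}))
    |> findColumn(fn: (key) => true, column: "key")

// Constructed sample points standing in for from(bucket: ...) |> range(...).
samples = array.from(
    rows: [
        {host: "Host_1", process_name: "Process_31", cpu_usage: 95.0},
        {host: "Host_1", process_name: "Process_42", cpu_usage: 91.0},
        {host: "Host_2", process_name: "Process_31", cpu_usage: 88.0},
        {host: "Host_2", process_name: "Process_42", cpu_usage: 97.0},
        {host: "Host_3", process_name: "Process_31", cpu_usage: 93.0},
        {host: "Host_3", process_name: "Process_42", cpu_usage: 40.0}
    ]
)

// Assumed alert threshold, in percent CPU.
cpuThreshold = 80.0

samples
    // Keep only points that breach the threshold.
    |> filter(fn: (r) => r.cpu_usage > cpuThreshold)
    // Drop a point only when its exact host/process pair is on the list.
    |> filter(fn: (r) => not contains(value: r.host + "/" + r.process_name, set: excluded))
    |> yield(name: "alerts")
```

Matching on the exact host and process pair keeps each exclusion scoped to one host, so a process silenced on Host_1 still alerts everywhere else.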

Hello @Anaisdg,
At first look it did not look like it, but I see what you are saying.
I will try it out.
Thanks a lot!


Hello @Anaisdg,

We got 2.0 setup.
I see there are tasks and alerts. How can I write a script to do the following:

#1 Get data for a specific window of time
#2 Process/Filter
#3 Alert

I do not see an alert node. Can I only use the UI, or can we write our own query/script for alerting?

Hello @Ashish_Sikarwar,
You can either write task scripts through the UI or you can use the API.
Here is the Visual Studio Flux extension:

Here are some blogs relevant to you:

Here is the API documentation for:

Endpoints for alerts:

Here is a blog post for creating custom Flux notification endpoints in case you’re interested in contributing one.
Contributing Third Party Flux Packages: A Discord Endpoint Flux Function

Thanks a lot @Anaisdg
I also found the following


A great and useful topic for me, thanks!