This is my first time posting to this community. I am usually kind of a Microsoft guy but I’m very impressed by the TICK stack so far. However, I’ve run into a problem I cannot solve myself. I set up a TICK stack on a single Docker host running on Ubuntu Server 16.04 on top of a Win Server 2016 Datacenter Hyper-V host for a small project.
I’ve been using the GUI wherever it appeared feasible to keep things simple for the guy who’s actually maintaining the stuff afterwards.
I didn’t really like the visualization capabilities of Chronograf so I added a Grafana Container to the mix.
I defined a couple of alerts in Chronograf which I would now like to display in Grafana to make them easily and centrally available. I’m trying to query for all critical alerts that haven’t been followed by an “OK” alert afterwards.
I tried doing so using the following query which includes a subquery.
SELECT "alertID", "value", "message", "level" FROM (SELECT * FROM "chronograf"."autogen"."alerts" WHERE time > now() - 5h GROUP BY "alertID" LIMIT 1) WHERE "level"='CRITICAL' ORDER BY time DESC
Note: The time criterion is just for testing using Chronograf’s data explorer and I’m still running InfluxDB 1.4.
To my understanding this should be working just fine; however, it still returns some alerts that have been followed by an “OK”.
I’m guessing “subqueries” are fully isolated from their respective superqueries although judging from the “ORDER BY” working from the superquery that might not be the case.
What am I doing wrong?
Thanks in advance.