Create Dashboard for Alerting if events drop over time

james.liew · Post by **james.liew** » Tue Mar 21, 2017 2:43 am

Hi all,

Not sure if this is the right area of the forums but I've been looking for a way to create a dashboard(and subsequent alerting) that will send an email notification if the average events over a period of a week, a day etc drops off suddenly from 10000 events to 100 events.

Would this be possible to do from Nagios?

Thanks!

Post by **mcapra** » Tue Mar 21, 2017 12:28 pm

The dashboard would be easy enough if you looked at the total record count over a lengthy time period; Just look for dips in the graph.

The automated alerting side of things is not currently possible, though such features are something we've explored/discussed. The issue is always not how to implement it, but rather how to present it in such a way that all users understand it's value and can get something out of it.

Alerts are only good for specific record counts currently. There's no logic to check averages over time, slopes of data sets, that sort of stuff.

james.liew · Post by **james.liew** » Tue Mar 21, 2017 9:30 pm

Alerts are only good for specific record counts currently. There's no logic to check averages over time, slopes of data sets, that sort of stuff.

But these would be for specific record counts for logs I've setup in dashboard, correct? If I receive x amount of warnings or errors in Logserver.

E.g.

Filtering eventlogs of a specific type, like failed logins or process shutdown, etc on Windows.

Post by **mcapra** » Wed Mar 22, 2017 11:29 am

If you know what a healthy average would be, you can definitely configure the alert to fire if the count is less than that value using colons on the thresholds.

For example, if I wanted an alert to be "warning" when the count falls below 400 and "critical" if it falls below 200:

2017_03_22_11_28_44_Alerting_Nagios_Log_Server.png

james.liew · Post by **james.liew** » Thu Mar 23, 2017 3:52 am

Awesome, this looks like something I can do after all...

I can do it off the default dashboard and eyeball the count(if I go by a week or 30 day average, say). But I would need to change the check interval and lookback period to say, over a day or two.

Thanks!

Post by **cdienger** » Thu Mar 23, 2017 9:13 am

Glad we could point you in the right direction. Was there anything further we can help with or are we okay locking the thread?

james.liew · Post by **james.liew** » Thu Mar 23, 2017 9:40 pm

Hi,

I'm ok to have the thread locked, will it be searchable for future review?

Post by **cdienger** » Fri Mar 24, 2017 8:58 am

It will remain available after being locked.

Nagios Support Forum

Create Dashboard for Alerting if events drop over time

Create Dashboard for Alerting if events drop over time

Re: Create Dashboard for Alerting if events drop over time

Re: Create Dashboard for Alerting if events drop over time

Re: Create Dashboard for Alerting if events drop over time

Re: Create Dashboard for Alerting if events drop over time

Re: Create Dashboard for Alerting if events drop over time

Re: Create Dashboard for Alerting if events drop over time

Re: Create Dashboard for Alerting if events drop over time