Is it possible to create a single alert that triggers is event count is <1 on a per-host basis?
e.g. if I search **index=network-devices** and set the alert to trigger if event count is <1 in a 2 minute period, the alert would never unless ALL of my hosts were down.
Do I have to create an alert for every host? If so, is there a quick way to do this?
Edit: I don't think throttling works for this.
↧