I'm currently trying to set up alerts if an instance of our application is down.
However, we have 40 instances and I want to create an individual alert for each of them.
My log events look something like this:
[timestamp] instance_name=test1 instance_state=0 description="lorem ipsum foo bar"
[timestamp] instance_name=test1 instance_state=1 description="lorem ipsum foo bar"
[timestamp] instance_name=test2 instance_state=0 description="lorem ipsum foo bar"
[timestamp] instance_name=test3 instance_state=0 description="lorem ipsum foo bar"
I created the search to find all instances that are down in a given timespan and know a little bit about how to set up alerts. However, when I set up my alert, it always triggers as soon as any instance is down.
I want a separate alert if test1 is down and another if test2 is down, or otherwise I will get flooded with mails because we have a lot of instances. Also, different users want to be informed about different instances (not all of them).
Is there a way to do this cleanly and properly, or do I have to set up a search for each instance and create an alert for each instance? Is there a way to set the alert up with something regex-ish like test[0-9] and create individual mails for each match?
My current option would be to create about 50 individual alerts, which seems to me like a quick'n'dirty, improper approach.
Any links, tips, or even search queries would help, since I'm not even sure what to search for on Google and here...