Forum Discussion

Professor

7 years ago

eventsource uniqueness

As it stands, eventsources are impossible to use with alert policies because a single real-life event generates an unending stream of new alerts. You can ACK one, but it doesn't matter since the n...

mnagel

Professor

7 years ago

Let me add a simple idea that matches (in a limited way) how tools like SEC operate. Allow extraction of a key within the eventsource definition (this is the "desc" field in SEC, the thing that correlates different events). With this, we can then place linked/correlated events into a single bucket so that each new one is not considered new unless the bucket has aged out. Keeping a counter of those hits would also be handy. Ultimately, the right solution involves much more complexity, but as it stands getting alerts on eventsources is a giant PITA, yet there are times you really want to get them as alerts.

Thanks,
Mark

Forum Discussion

eventsource uniqueness

Related Content

Collection the data metrics where there are unique keys

Eventsource

Unique identifier for instances

LM Portal Integration Events - EventSource to alert on Alerting Integration failures

AWS Health Events Eventsource

Recent Discussions

Dashboard Sharing – An Inline Framing Method

2021-12-15 US Office Hours

Live Training - Tuning Datapoints and Alerts - 15th JUNE 2022 - APAC

Live Training - Introduction to Dashboards - 18th MAY 2022 - APAC

2022-05-11- APAC Product Overview -Collectors, Resources/Groups, Dashboards