When an alert is triggered any configured actions are executed. Actions are not mutually exclusive. Multiple actions can be executed simoultaneously when an alert is triggered.
Reports can be attached to the Email notification that are sent when alerts are triggered. To add a report to an email simply put the Search or Workspace name into the Report field.
To add multiple reports add a comma separated list of Searches and Workspaces. When the alert is triggered a pdf will be attached to the email .
Reports can be attached to the Email notifications that are sent when alerts are triggered. To add a report to an email simply put the Search or Workspace name into the Report field.
By default emails are as sent in RAW mode, which is a table showing the events that triggered the alert. Emails can also be sent using the EVENT mode which is a tabular view of the trigger events, where eEach column in the table is a field from the type defined for the data. To enable a mode type '[EVENTS]' or '[RAW]' in the message body of the email.
By default links included in Logscape mails will use HTTP, however this can be modified to HTTPS by setting the
mailLinkProtocolto "https".
======== EVENTS ======== Batch,Time,MinNodeRxSuccess,GridRxSuccess,MinNodeTxSuccess,GridTxSuccess ,RxDeltaPct,TxDeltaPct,Delta,_type,_host,_filename,_tag,_agent,_path,7510,Tue Jul 24 00:16:51 BST 2012,0.9994015559545183,0.9990661590402988,0.6,0.998323681804328,0.0000, 39.8324,1,coh-net,WOK-ENV-COH05,2012072400-network-health.txt,qa-md,CohJmxQAAgent, /var/sb-logs/coherence/qa/market-data/report/2012072400-network-health.txt,
This action writes the events to a file. The file name can be customised with the following labels
The following entry:
/var/logs/logscape-alerts-{search}-{YYYYMMDD}.log
will produce the following filename
When an alert is fired a groovy script is executed when scripts actions are enabled. The groovy script has access to all the event details related to the triggering alert. A HashMap sortedEvents is made available to the groovy script and can used to siphon data out of Logscape into other systems, e.g tickets systems, message buses databases and so on.
Sorted Events Key MapThe events key map contains the following the keys:
The example below will write the events level and message to a database.
sql = Sql.newInstance("jdbc:sqlite:C:/home/logscape/work/trigger-data.db","org.sqlite.JDBC") sortedEvents.each(){ event - server = event["server"] date = event["Date"] level = event["Level"] exception = event["Exception"] sql.execute("INSERT INTO events (date,host,logLevel,message) VALUES ("+date+","+server+","+level+","+exception+")" )
This example sends data to the logger.
import org.apache.log4j.Logger import com.liquidlabs.log.search.ReplayEvent; def id = 0 for (ReplayEvent event : sortedEvents) { def keys = event.keyValueMap.keySet() def values = event.keyValueMap.values() logger.warn("FROMALERT: ["+id+"] keys = " + keys.toString()) logger.warn("FROMALERT: ["+id+"] values = " + values.toString()) id++ }