Your first Alert.

For more tutorials check out the Tutorials section.

Open up your Logscape Manager

Click Settings Menu

Click to open the Alerts Tab

This is the General tab of the Alerts page. It is used for configuring the Data Group as well as the schedule.

The Schedule makes use of standard CRON notation

Clicking this dropdown will provide a list of the most common task schedules.

You can also select the Data Group in this dropdown.

Click to move through to the Trigger tab

The Trigger Source can be set to any of your pre-saved searches. This dropdown is populated with all searches within your environment.

The Numeric trigger condition will cause your alert to trigger if the number of events captured by your search exceeds the value you specify.

The Expression trigger will expose fields from your search and allow you to apply filters. If an event meets the criteria, an alert will be triggered.

The Correlation trigger allows you to specify a time window, a type (either sequence or average), the values (for average, a single value; for a sequence, a comma-separated list), the field to average or look for a sequence from, and a key, i.e. _host.

Click through to the Actions tab.

The Email section defines who to email, who to show the email as coming from, the subject line, and the body of the message.

The Report Tab allows you to specify which Alerts will be included in your emailed alert.

The Groovy Script tab allows you to provide a Groovy script that will be run if the alert triggers.

Writing to file will simply write the event to a file. The file name can be customised with the following labels:
Search - The title of the Alert's Trigger Search
schedule - The title of the Alert
date - Date of the Trigger
time - Time of the Trigger

Click the Stream tab

The Streaming Tab is quite advanced and won't be covered in this tutorial. You can find out more about it on the Logscape support site.

As with a search or data source, the name of your alert can be set freely.

Once you're finished, click the Save button.

That's it. You're done.