Solved: Alert only when issue is detected?

posthum · ‎08-05-2014

Hi all,

I feel like I am missing something very basic when it comes to configuring email alerts for Log Insight 2.0.

I configure an alert, and would expect it to only ever email me if it comes across a log entry to trigger it. However I am finding that I am getting spammed constantly with messages from the alert stating that "0 new events found for alert", which strikes me as a bit unnecessary, alerts that run every 15 minutes can get very painful!

I've poked around the GUI and trawled through these forums along with reading the Log Insight doco and I can't seem to find a way to tell Log Insight to only email me if it finds an actual problem. I'm sure it is possible, I must just be blind!

Thanks!

sflanders · ‎08-05-2014

Can you post a screenshot of how you have the alert configured currently? It sounds like you have the threshold set in a way that is causing the problem. A query with a "match on any" threshold should do exactly what you want.

Hope this helps! === If you find this information useful, please award points for "correct" or "helpful". ===

View solution in original post

sflanders · ‎08-05-2014

Can you post a screenshot of how you have the alert configured currently? It sounds like you have the threshold set in a way that is causing the problem. A query with a "match on any" threshold should do exactly what you want.

Hope this helps! === If you find this information useful, please award points for "correct" or "helpful". ===

posthum · ‎08-07-2014

That was it! I suspected it would just be a lack of understanding on my part. Setting 'Match Any' has sorted the issue out for me. Thanks!

All

Alert only when issue is detected?

Content Packs