Solved: Alerts dont work

HansdeJongh · ‎02-18-2015

Hi,

I have created a queries (which work) and i created an alert (which doesn't work) based on that query.
I dont understand why. Even when i open the alert it will show the results in the "count of events over time", so the query is correct

Dunno what im doing wrong...

help?

Regards

Hans

sflanders · ‎02-18-2015

Can you restart the master node and then see if alerts work?

Hope this helps! === If you find this information useful, please award points for "correct" or "helpful". ===

View solution in original post

sflanders · ‎02-18-2015

Can you attach screenshots of the query and of the alert dialog box?

Hope this helps! === If you find this information useful, please award points for "correct" or "helpful". ===

admin · ‎02-18-2015

Hello Hans,

You need to adjust your alert thresholds probably, you can do this from the Manage Alerts dialog, select the alert that needs adjustment and click the pencil icon to Edit the Alert. Then adjust the time and the number of matches in the Raise an alert section of the dialog to adjust the threshold. Also make sure your alert is enabled, if not enable it to get it to alert.

Like Steve said a picture of what your edit alert dialog looks like will help in answering you in better way.

Thanks,

-Yogita.

HansdeJongh · ‎02-18-2015

When i open the query i can see its on "custom time" and not the "last 5 minutes" on which i saved it..

so its on the time that it was when i created the query..

sflanders · ‎02-18-2015

So you have an alert that runs every 5 minutes. The query on IA returned no results and the alert dialog box query had not finished running. Everything looks good, but the screenshots do not show that you actually have results for the query.

Hope this helps! === If you find this information useful, please award points for "correct" or "helpful". ===

HansdeJongh · ‎02-18-2015

i tried that too:)

sflanders · ‎02-18-2015

Cool, so this seems to show that alerts should have been generated. Next, up check the log at /storage/var/loginsight/alerts.log. You should see your alert (by title) in this file -- do you? If yes then this likely indicates that your SMTP settings are incorrect, DNS resolution is not working or you have some network connectivity issue between LI and the SMTP server. The runtime.log should indicate if the problem.

Hope this helps! === If you find this information useful, please award points for "correct" or "helpful". ===

admin · ‎02-18-2015

Are you getting any system alerts or other alert notifications from loginsight to the email id configured in the Edit alert dialog below? Maybe your smtp settings need modifications to receive emails to that email id?

HansdeJongh · ‎02-18-2015

yes i test smtp settings as well and they worked...

but ill check the alert log

HansdeJongh · ‎02-18-2015

the alert log shows some alerts it generated on the 8th of december.(before the upgrade to GA???)

sflanders · ‎02-18-2015

Can you restart the master node and then see if alerts work?

Hope this helps! === If you find this information useful, please award points for "correct" or "helpful". ===

HansdeJongh · ‎02-19-2015

its like win95! the reboot solved it

sflanders · ‎02-19-2015

It is a bug based on a corner case - lucky you new TP will have the fix, but workaround is restart.

Hope this helps! === If you find this information useful, please award points for "correct" or "helpful". ===

All

Alerts dont work

Product