[OBS-1194] Configuring file logging from the alerting system - Observium

Details

Type: Improvement
Resolution: Won't Do
Priority: Major
Fix Version/s: None
Affects Version/s: None
Component/s: Alerting
Labels:
None

Description

This patch introduces configurable filebased logging to Observium using a template to describe the notification.
Configuration is done in the local configuration.
Default configuration is extended with 3 options:

// File log backend settings
$config['filelog']['enable'] = FALSE; // Enable/Disable filelog globally
$config['filelog']['log_dir'] = $config['install_dir'] . '/logs'; // Log dir. No trailing /
$config['filelog']['log_name'] = 'alerts.log'; // Log name.

The code has been formatted according to the syntax described on the Observium wiki.
In order to make this work the alerter needs a described contact_method.
Insert a contact_method = filelog in the alert_contacts table, and create your mappings by inserting the desired records into alert_contact_assoc.
These mappings are based on the alert_tests id’s.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

logstash-observium-filter.conf
0.5 kB
2015/02/12 12:11 AM
mb_add_filelog_baserev_6252_nlfilter.diff
4 kB
2015/02/09 02:51 AM

Activity

[OBS-1194] Configuring file logging from the alerting system

Adam Armstrong added a comment - 2016/03/05 02:52 AM

This was obsoleted by the contact system changes, but can probably be more easily reimplemented now.

Adam Armstrong added a comment - 2016/03/05 02:52 AM This was obsoleted by the contact system changes, but can probably be more easily reimplemented now.

Gert-Jan de Boer added a comment - 2015/02/12 12:09 AM - edited

Attaching the filter we're using to catch the alerts in Elasticsearch.

Is there a chance you'll accept this patch? I don't see it breaking anything and it helps our use case.

Gert-Jan de Boer added a comment - 2015/02/12 12:09 AM - edited Attaching the filter we're using to catch the alerts in Elasticsearch. Is there a chance you'll accept this patch? I don't see it breaking anything and it helps our use case.

Gert-Jan de Boer added a comment - 2015/02/09 04:17 PM

Just tested it, with two contacts I get both email and filelog alerts so it seems to work as intended.

Gert-Jan de Boer added a comment - 2015/02/09 04:17 PM Just tested it, with two contacts I get both email and filelog alerts so it seems to work as intended.

Gert-Jan de Boer added a comment - 2015/02/09 02:51 AM

Updated patch, including newline filter.

Gert-Jan de Boer added a comment - 2015/02/09 02:51 AM Updated patch, including newline filter.

Gert-Jan de Boer added a comment - 2015/02/09 02:37 AM

We want to feed alerts into elasticsearch so we can search them and correlate them with other systems. Easiest way to accomplish that was getting alerts into a logfile. When you insert two contacts in alert_contacts and add the proper associations in alert_contacts_assoc it should do both email and filelog, wouldn't it?

Gert-Jan de Boer added a comment - 2015/02/09 02:37 AM We want to feed alerts into elasticsearch so we can search them and correlate them with other systems. Easiest way to accomplish that was getting alerts into a logfile. When you insert two contacts in alert_contacts and add the proper associations in alert_contacts_assoc it should do both email and filelog, wouldn't it?

Adam Armstrong added a comment - 2015/02/08 09:20 AM

Indeed. I think logging to a file is something that should be handled as a special case independent of the notification/contacts system. That can just be hooked into the alert logging functions, I guess.

Adam Armstrong added a comment - 2015/02/08 09:20 AM Indeed. I think logging to a file is something that should be handled as a special case independent of the notification/contacts system. That can just be hooked into the alert logging functions, I guess.

Mike Stupalov added a comment - 2015/02/08 05:21 AM - edited

Anyway we already have function logfile()..
And yes, we already have alert_log.. can be someone need logging to file

But anyway I also not know why it need to someone

Mike Stupalov added a comment - 2015/02/08 05:21 AM - edited Anyway we already have function logfile().. And yes, we already have alert_log.. can be someone need logging to file But anyway I also not know why it need to someone

Adam Armstrong added a comment - 2015/02/08 02:31 AM

but why?

the way the alerting stuff currently works, enabling this on an alert would disable the default email alerts from being sent.

Adam Armstrong added a comment - 2015/02/08 02:31 AM but why? the way the alerting stuff currently works, enabling this on an alert would disable the default email alerts from being sent.

People

Assignee:: Adam Armstrong

Reporter:: Gert-Jan de Boer

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 2015/02/08 02:06 AM

Updated:: 2017/12/03 10:29 AM

Resolved:: 2017/12/03 10:29 AM