alerts_v2

package
v1.17.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: May 14, 2023 License: MIT Imports: 6 Imported by: 2

README

Alerts V2

Compatible with Logz.io's alerts API.

Logz.io alerts use a Kibana search query to continuously scan your logs and alert you when a certain set of conditions is met. The simplest alerts can use a simple search query or a particular filter, but others can be quite complex and involve several conditions with varying thresholds.

To create an alert where the type field = 'mytype' and the loglevel field = ERROR, see the Logz.io docs for more information (the example query below filters on loglevel:ERROR only):

https://support.logz.io/hc/en-us/articles/209487329-How-do-I-create-an-Alert-

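// apiToken is a credential for the Logz.io API; load it from the environment or a
// secret store rather than committing it to source.
client, err := alerts_v2.New(apiToken, apiServerAddress)
if err != nil {
	// Stop here: continuing with an unusable client means the alert never gets created.
	panic(err)
}

// NOTE(review): ShouldQueryOnAllAccounts presumably widens the scan to every account the
// token can reach; AlertQuery also has AccountIdsToQueryOn for a narrower scope. Confirm
// which one the detection needs.
alertQuery := alerts_v2.AlertQuery{
	Query:                    "loglevel:ERROR",
	Aggregation:              alerts_v2.AggregationObj{AggregationType: alerts_v2.AggregationTypeCount},
	ShouldQueryOnAllAccounts: true,
}

// NOTE(review): with OperatorEquals the tiers presumably match only when the count is
// exactly 10 (HIGH) or 5 (INFO). For an error-count alert OperatorGreaterThan or
// OperatorGreaterThanOrEquals may be what is intended; confirm against the API docs.
trigger := alerts_v2.AlertTrigger{
	Operator:               alerts_v2.OperatorEquals,
	SeverityThresholdTiers: map[string]float32{alerts_v2.SeverityHigh: 10, alerts_v2.SeverityInfo: 5},
}

subComponent := alerts_v2.SubAlert{
	QueryDefinition: alertQuery,
	Trigger:         trigger,
	Output:          alerts_v2.SubAlertOutput{},
}

// Enabled is a string in CreateAlertType, hence strconv.FormatBool. The empty
// AlertOutput carries no recipients, so as written nobody is listed to be notified.
createAlertType := alerts_v2.CreateAlertType{
	Title:         "test create alert",
	Description:   "this is my description",
	Tags:          []string{"some", "words"},
	Output:        alerts_v2.AlertOutput{},
	SubComponents: []alerts_v2.SubAlert{subComponent},
	Correlations:  alerts_v2.SubAlertCorrelation{},
	Enabled:       strconv.FormatBool(true),
}

// CreateAlert returns (*AlertType, error); both values must be received.
alert, err := client.CreateAlert(createAlertType)
if err != nil {
	// A failed create means this detection is not in place; surface it instead of ignoring it.
	panic(err)
}
// alert.AlertId is an int64, the same type GetAlert, UpdateAlert and DeleteAlert take as alertId.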
function func name
Create alert func (c *AlertsV2Client) CreateAlert(alert CreateAlertType) (*AlertType, error)
Delete alert func (c *AlertsV2Client) DeleteAlert(alertId int64) error
Disable alert func (c *AlertsV2Client) DisableAlert(alert AlertType) (*AlertType, error)
Enable alert func (c *AlertsV2Client) EnableAlert(alert AlertType) (*AlertType, error)
Get alert func (c *AlertsV2Client) GetAlert(alertId int64) (*AlertType, error)
List alerts func (c *AlertsV2Client) ListAlerts() ([]AlertType, error)
Update alert func (c *AlertsV2Client) UpdateAlert(alertId int64, alert CreateAlertType) (*AlertType, error)

Documentation

Index

Constants

// Aggregation types, used as AggregationObj.AggregationType.
const (
	AggregationTypeSum         string = "SUM"
	AggregationTypeMin         string = "MIN"
	AggregationTypeMax         string = "MAX"
	AggregationTypeAvg         string = "AVG"
	AggregationTypeCount       string = "COUNT"
	AggregationTypeUniqueCount string = "UNIQUE_COUNT"
	AggregationTypeNone        string = "NONE"
)

// Comparison operators, used as AlertTrigger.Operator.
const (
	OperatorLessThan            string = "LESS_THAN"
	OperatorGreaterThan         string = "GREATER_THAN"
	OperatorLessThanOrEquals    string = "LESS_THAN_OR_EQUALS"
	OperatorGreaterThanOrEquals string = "GREATER_THAN_OR_EQUALS"
	OperatorEquals              string = "EQUALS"
	OperatorNotEquals           string = "NOT_EQUALS"
)

// Severity levels, used as keys of AlertTrigger.SeverityThresholdTiers.
const (
	SeverityInfo   string = "INFO"
	SeverityLow    string = "LOW"
	SeverityMedium string = "MEDIUM"
	SeverityHigh   string = "HIGH"
	SeveritySevere string = "SEVERE"
)

// Sort directions; presumably the values of ColumnConfig.Sort (confirm against the API docs).
const (
	SortDesc string = "DESC"
	SortAsc  string = "ASC"
)

// Output formats; presumably the values of AlertOutput.Type (confirm against the API docs).
const (
	OutputTypeJson  string = "JSON"
	OutputTypeTable string = "TABLE"
)

// CorrelationOperatorAnd is the only correlation operator declared here; presumably an
// element of SubAlertCorrelation.CorrelationOperators (confirm against the API docs).
const CorrelationOperatorAnd string = "AND"

Variables

This section is empty.

Functions

This section is empty.

Types

type AggregationObj

// AggregationObj is the aggregation part of an AlertQuery: an aggregation type
// and the field it is applied to. Both fields are omitted from the JSON body
// when empty.
type AggregationObj struct {
	// Presumably one of the AggregationType* constants; the type itself accepts any string.
	AggregationType    string `json:"aggregationType,omitempty"`
	// Name of the log field to aggregate on.
	FieldToAggregateOn string `json:"fieldToAggregateOn,omitempty"`
}

type AlertOutput

// AlertOutput describes where and how an alert's notifications are delivered.
type AlertOutput struct {
	// omitempty has no effect on a struct-typed field in encoding/json, so
	// "recipients" is always present in the marshalled body.
	Recipients                   AlertRecipients `json:"recipients,omitempty"`
	// NOTE(review): by its name, a window in minutes during which repeat
	// notifications are muted; a large value can hide ongoing activity. Confirm
	// the semantics against the API docs. A value of 0 is omitted from the body.
	SuppressNotificationsMinutes int             `json:"suppressNotificationsMinutes,omitempty"`
	// Presumably one of the OutputType* constants (confirm).
	Type                         string          `json:"type,omitempty"`
}

type AlertQuery

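// AlertQuery is the query part of a SubAlert: the search string, optional
// filters, grouping, aggregation and the accounts to search.
//
// omitempty only drops empty strings, nil or empty slices, zero numbers and
// false; on the struct-typed fields Filters and Aggregation it has no effect,
// so "filters" and "aggregation" are always present in the marshalled body.
type AlertQuery struct {
	// Search query string, e.g. "loglevel:ERROR".
	Query string `json:"query,omitempty"`
	// Additional must / must_not filter clauses.
	Filters BoolFilter `json:"filters,omitempty"`
	// Field names to group results by.
	GroupBy []string `json:"groupBy,omitempty"`
	// Aggregation applied to the matching logs.
	Aggregation AggregationObj `json:"aggregation,omitempty"`
	// Because of omitempty a false value is left out of the request, so the
	// API's own default applies when this is not set to true.
	// NOTE(review): true presumably searches every account the token can reach; confirm.
	ShouldQueryOnAllAccounts bool `json:"shouldQueryOnAllAccounts,omitempty"`
	// Explicit account ids to search. The tag previously listed omitempty
	// twice; the duplicate is removed and the wire format is unchanged.
	AccountIdsToQueryOn []int `json:"accountIdsToQueryOn,omitempty"`
}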

type AlertRecipients

// AlertRecipients lists who receives an alert's notifications.
type AlertRecipients struct {
	// E-mail addresses to notify. NOTE(review): notifications may carry log
	// content, so this list decides who can see it; review it like an access list.
	Emails                  []string `json:"emails,omitempty"`
	// Ids of notification endpoints to notify; presumably endpoints already
	// configured in the account (confirm).
	NotificationEndpointIds []int    `json:"notificationEndpointIds,omitempty"`
}

type AlertTrigger

// AlertTrigger is the condition of a SubAlert: a comparison operator and a
// threshold per severity.
type AlertTrigger struct {
	// Presumably one of the Operator* constants; the type itself accepts any string.
	Operator               string             `json:"operator,omitempty"`
	// Threshold per severity; the README example keys the map with Severity*
	// constants (SeverityHigh: 10, SeverityInfo: 5). A nil or empty map is omitted.
	SeverityThresholdTiers map[string]float32 `json:"severityThresholdTiers,omitempty"`
}

type AlertType

// AlertType is an alert as returned by the client's methods (CreateAlert,
// GetAlert, ListAlerts, UpdateAlert, EnableAlert, DisableAlert). It adds the
// server-side id and audit fields to what CreateAlertType carries.
type AlertType struct {
	// Unique id of the alert; the same int64 that GetAlert, UpdateAlert and
	// DeleteAlert take as alertId.
	AlertId                int64               `json:"id"`
	// Audit fields, kept as the raw strings from the JSON body.
	UpdatedAt              string              `json:"updatedAt"`
	UpdatedBy              string              `json:"updatedBy"`
	CreatedAt              string              `json:"createdAt"`
	CreatedBy              string              `json:"createdBy"`
	// A bool here, whereas CreateAlertType.Enabled is a string.
	Enabled                bool                `json:"enabled"`
	Title                  string              `json:"title"`
	Description            string              `json:"description,omitempty"`
	Tags                   []string            `json:"tags,omitempty"`
	// omitempty has no effect on the struct-typed fields Output, Correlations
	// and Schedule; they are always present when this type is marshalled.
	Output                 AlertOutput         `json:"output,omitempty"`
	SearchTimeFrameMinutes int                 `json:"searchTimeFrameMinutes"`
	SubComponents          []SubAlert          `json:"subComponents"`
	Correlations           SubAlertCorrelation `json:"correlations,omitempty"`
	Schedule               ScheduleObj         `json:"schedule,omitempty"`
}

type AlertsV2Client

// AlertsV2Client is the client for the alerts API. It embeds *client.Client, so
// that type's exported fields and methods are promoted onto AlertsV2Client.
// Obtain one with New(apiToken, baseUrl).
type AlertsV2Client struct {
	*client.Client
}

func New

func New(apiToken, baseUrl string) (*AlertsV2Client, error)

func (*AlertsV2Client) CreateAlert

func (c *AlertsV2Client) CreateAlert(alert CreateAlertType) (*AlertType, error)

CreateAlert creates an alert, returns the created alert if successful, an error otherwise

func (*AlertsV2Client) DeleteAlert

func (c *AlertsV2Client) DeleteAlert(alertId int64) error

DeleteAlert deletes an alert specified by its unique id, returns an error if a problem is encountered

func (*AlertsV2Client) DisableAlert

func (c *AlertsV2Client) DisableAlert(alert AlertType) (*AlertType, error)

DisableAlert disables an alert given its unique identifier. Returns the alert, an error otherwise

func (*AlertsV2Client) EnableAlert

func (c *AlertsV2Client) EnableAlert(alert AlertType) (*AlertType, error)

EnableAlert enables an alert given its unique identifier. Returns the alert, an error otherwise

func (*AlertsV2Client) GetAlert

func (c *AlertsV2Client) GetAlert(alertId int64) (*AlertType, error)

GetAlert returns an alert given its unique identifier, an error otherwise

func (*AlertsV2Client) ListAlerts

func (c *AlertsV2Client) ListAlerts() ([]AlertType, error)

ListAlerts returns all the alerts in an array associated with the account identified by the supplied API token, returns an error if any problem occurs during the API call

func (*AlertsV2Client) UpdateAlert

func (c *AlertsV2Client) UpdateAlert(alertId int64, alert CreateAlertType) (*AlertType, error)

UpdateAlert updates an existing alert, based on the supplied alert identifier, using the parameters of the specified alert. Returns the updated alert if successful, an error otherwise

type BoolFilter

// BoolFilter wraps FilterLists under the JSON key "bool"; it is the type of
// AlertQuery.Filters.
type BoolFilter struct {
	// omitempty has no effect on a struct-typed field, so "bool" is always
	// present in the marshalled body, even with no clauses.
	Bool FilterLists `json:"bool,omitempty"`
}

type ColumnConfig

// ColumnConfig configures one column of a SubAlertOutput.
type ColumnConfig struct {
	// Name of the log field shown in the column.
	FieldName string `json:"fieldName,omitempty"`
	// NOTE(review): presumably a pattern applied to the field's value before
	// it is put in the notification; the string is sent as-is with no
	// client-side validation visible here. Confirm against the API docs.
	Regex     string `json:"regex,omitempty"`
	// Presumably SortAsc or SortDesc (confirm).
	Sort      string `json:"sort,omitempty"`
}

type CreateAlertType

// CreateAlertType is the request body for CreateAlert and UpdateAlert.
//
// Every field is tagged omitempty: empty strings, zero numbers and nil or
// empty slices are left out of the request, so the API's defaults apply to
// them. omitempty has no effect on the struct-typed fields Output,
// Correlations and Schedule, which are always sent.
type CreateAlertType struct {
	Title                  string              `json:"title,omitempty"`
	Description            string              `json:"description,omitempty"`
	Tags                   []string            `json:"tags,omitempty"`
	Output                 AlertOutput         `json:"output,omitempty"`
	// A value of 0 is omitted from the request.
	SearchTimeFrameMinutes int                 `json:"searchTimeFrameMinutes,omitempty"`
	SubComponents          []SubAlert          `json:"subComponents,omitempty"`
	Correlations           SubAlertCorrelation `json:"correlations,omitempty"`
	// A string, not a bool; the README example sets it with
	// strconv.FormatBool(true). An empty string is omitted from the request.
	// NOTE(review): set it explicitly so the alert is not created in whatever
	// state the API defaults to; confirm that default.
	Enabled                string              `json:"enabled,omitempty"`
	Schedule               ScheduleObj         `json:"schedule,omitempty"`
}

type FieldError

// FieldError reports a problem with a single field. It has an Error() string
// method with a value receiver, so FieldError values satisfy the error interface.
// NOTE(review): presumably returned by client-side validation of a
// CreateAlertType before the request is sent; the validating code is not shown here.
type FieldError struct {
	// Name of the offending field.
	Field   string
	// Description of what is wrong with it.
	Message string
}

func (FieldError) Error

func (e FieldError) Error() string

type FilterLists

// FilterLists holds the "must" and "must_not" clause lists of a BoolFilter.
// Each clause is an arbitrary JSON object: the map[string]interface{} type
// applies no schema, so whatever is placed here is marshalled as-is.
type FilterLists struct {
	// Clauses sent under "must"; omitted when nil or empty.
	Must    []map[string]interface{} `json:"must,omitempty"`
	// Clauses sent under "must_not"; omitted when nil or empty.
	MustNot []map[string]interface{} `json:"must_not,omitempty"`
}

type ScheduleObj added in v1.14.0

// ScheduleObj is the schedule of an alert (added in v1.14.0): a cron
// expression and a timezone, both sent as plain strings and omitted when empty.
type ScheduleObj struct {
	// Cron expression; the accepted syntax is defined by the API and is not
	// checked by this type.
	CronExpression string `json:"cronExpression,omitempty"`
	// NOTE(review): presumably the timezone the cron expression is evaluated in; confirm.
	Timezone       string `json:"timezone,omitempty"`
}

type SubAlert

// SubAlert is one component of an alert: a query, the trigger evaluated on it
// and the output columns. Alerts carry a slice of these in SubComponents.
// All three fields are structs, so omitempty has no effect and each key is
// always present in the marshalled body.
type SubAlert struct {
	QueryDefinition AlertQuery     `json:"queryDefinition,omitempty"`
	Trigger         AlertTrigger   `json:"trigger,omitempty"`
	Output          SubAlertOutput `json:"output,omitempty"`
}

type SubAlertCorrelation

// SubAlertCorrelation describes how an alert's sub-components are combined.
type SubAlertCorrelation struct {
	// Presumably values such as CorrelationOperatorAnd ("AND"), the only
	// correlation operator this package declares (confirm).
	CorrelationOperators []string            `json:"correlationOperators,omitempty"`
	// Join definitions as string-to-string maps; the expected keys are not
	// visible here. Check the API docs before relying on a shape.
	Joins                []map[string]string `json:"joins,omitempty"`
}

type SubAlertOutput

// SubAlertOutput selects which fields of the matching logs a SubAlert outputs.
type SubAlertOutput struct {
	// Per-column configuration; omitted when nil or empty.
	Columns            []ColumnConfig `json:"columns,omitempty"`
	// Because of omitempty a false value is left out of the request.
	// NOTE(review): true presumably includes every log field in the
	// notification, which may expose more data to recipients than a fixed
	// column list; confirm.
	ShouldUseAllFields bool           `json:"shouldUseAllFields,omitempty"`
}
