Too many logs

Description

This alert fires when too many logs of error level have been created (and collected) in the last minutes.

It looks for the average count of error logs per minute, not the total.

Default configuration

"tooManyLogs": {
  "active": true,
  "maxErrorLogsPerMin": 10,
  "delayWhenInactive": "PT5M",
  "delayWhenActive": "PT1M"
}

Mail

Content

The mail contains an aggregated view of logs found:

Total error logs found
How many new error logs since last time
Description of logs
- Aggregated by log code
- Counted
- With a sample message
- And telling what services are concerned, and to what extent

With this information, you may do a pre-analysis of the error without even opening Spider monitoring dashboards.
This allows alert dispatching or even discarding.

Sample

{
    "endpoint": "https://...",
    "name": "tooManyLogs",
    "status": "ACTIVE",
    "since": "2023-04-07T09:39:57.475Z",
    "totalErrors": 5915,
    "newErrors": 5915,
    "codes": [
        {
            "code": "WEBW-PARS-009",
            "count": 1749,
            "level": 50,
            "msg": "{\"@type\":\"Error\",\"title\":500,\"description\":\"[Breaker: Get packets of TcpSession] Circuit has been opened - The percentage of failed requests (0%) is greater than the threshold specified (100%)\"}",
            "services": [
                {
                    "name": "web-write",
                    "count": 1744
                }
            ]
        },
        {
            "code": "WEBW-TCP-002",
            "count": 1749,
            "level": 50,
            "msg": "Unexpected error while parsing session!",
            "services": [
                {
                    "name": "web-write",
                    "count": 1744
                }
            ]
        }
    ]
}

Description​

Default configuration​

Mail​

Content​

Sample​

Description

Default configuration

Mail

Content

Sample