Too many logs
Description
This alert fires when too many logs of error level have been created (and collected) in the last minutes.
It looks for the average count of error logs per minute, not the total.
Default configuration
"tooManyLogs": {
"active": true,
"maxErrorLogsPerMin": 10,
"delayWhenInactive": "PT5M",
"delayWhenActive": "PT1M"
}
Mail
Content
The mail contains an aggregated view of logs found:
- Total error logs found
- How many new error logs since last time
- Description of logs
- Aggregated by log code
- Counted
- With a sample message
- And telling what services are concerned, and to what extent
With this information, you may do a pre-analysis of the error without even opening Spider monitoring dashboards.
This allows alert dispatching or even discarding.
Sample
{
"endpoint": "https://...",
"name": "tooManyLogs",
"status": "ACTIVE",
"since": "2023-04-07T09:39:57.475Z",
"totalErrors": 5915,
"newErrors": 5915,
"codes": [
{
"code": "WEBW-PARS-009",
"count": 1749,
"level": 50,
"msg": "{\"@type\":\"Error\",\"title\":500,\"description\":\"[Breaker: Get packets of TcpSession] Circuit has been opened - The percentage of failed requests (0%) is greater than the threshold specified (100%)\"}",
"services": [
{
"name": "web-write",
"count": 1744
},
{
"name": "web-write-warnings",
"count": 5
}
]
},
{
"code": "WEBW-TCP-002",
"count": 1749,
"level": 50,
"msg": "Unexpected error while parsing session!",
"services": [
{
"name": "web-write",
"count": 1744
},
{
"name": "web-write-warnings",
"count": 5
}
]
}
]
}