CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-01-14 04:01:23 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
3368789b43f78c6fa3616151d94de4ee99c46a66
securityonion/salt/influxdb/templates/alarm_logstash_eps.json
Jason Ertel 1fa526cd0e influx upgrade
2023-02-14 11:22:54 -05:00

21 lines
936 B
JSON
Raw Blame History

[{
"apiVersion": "influxdata.com/v2alpha1",
"kind": "CheckThreshold",
"metadata": {
"name": "alarm-logstash-eps"
},
"spec": {
"every": "1m0s",
"name": "Logstash EPS at 0",
"query": "from(bucket: \"telegraf/so_short_term\")\n |\u003e range(start: v.timeRangeStart, stop: v.timeRangeStop)\n |\u003e filter(fn: (r) =\u003e r[\"_measurement\"] == \"logstash_events\")\n |\u003e filter(fn: (r) =\u003e r[\"_field\"] == \"in\")\n |\u003e aggregateWindow(every: 1m, fn: mean, createEmpty: false)\n |\u003e yield(name: \"mean\")",
"status": "active",
"statusMessageTemplate": "Check: ${ r._check_name } is: ${ r._level }",
"thresholds": [
{
"level": "CRIT",
"type": "lesser",
"value": 1
}
]
}
}]
Reference in New Issue View Git Blame Copy Permalink