Link

ALERT WEBHOOK

Alert Payload

Name Type Description
event_type string Always: “zebrium_alert”
customer_name string Customer name of Zebrium instance
deployment_name string Name of the deployment where incident was raised
view_name string Name of view associated with alert
alert_name string Name of alert definition
alert_hit_ct integer Count of events in alert
alert_rule_def_hit_ct integer Count of events in alert rule definition
alert_hit_within_time_span integer Time span covered by alert in seconds
alert_rule_def_hit_within_time_span integer Time span specified in the alert rule definition in seconds
alert_reason string Textual description of alert
alert_rule string Textual description of alert rule definition
alert_start_epoch_ts timestamp UTC timestamp of alert start
alert_end_epoch_ts timestamp UTC timestamp of alert end
view_url url encoded string URL to the view in the Zebrium UI
unique_etype_ct integer Count of unique etypes
event_examples_by_etype etype object list One example of each unique etype

Etype Object

Name Type Description
etype string Name of the event type
etype_url url encoded string Link to a track of this etype in the Zebrium UI
log_name string Name of log basename (e.g. syslog, error)
severity string Severity text as seen in the log event (e.g. INFO)
event_ct integer Count of events of this etype in alert
event_text string Example of one log event of this etype

Example Payload

{
  "event_type": "zebrium_alert",
  "customer_name": "customer 1",
  "deployment_name": "deployment 1",
  "view_name": "All Errors",
  "alert_name": "ERROR ALERT",
  "alert_hit_ct": 110,
  "alert_rule_def_hit_ct": 1,
  "alert_hit_within_time_span": 300,
  "alert_rule_def_hit_within_time_span": 300,
  "alert_reason": "Hit 110 times within 300 seconds beginning at 2020-06-18 21:25:00 and ending at 2020-06-18 21:30:00",
  "alert_rule": "Hit at least 1 times within 300 seconds",
  "alert_start_epoch_ts": "2020-06-18 21:25:00",
  "alert_end_epoch_ts": "2020-06-18 21:30:00",
  "view_url": "https://portal11.zebrium.com:443/0/filterviewlookup/3af02a24-20ea-4bba-6985-b877901d6079/1592515500/1592515800/portal03/#webhook",
  "unique_etype_ct": 3,
  "event_examples_by_etype": [
    {
      "etype": "system_stats_service_cgroup",
      "etype_url": "https://portal11.zebrium.com:443/0/etypelookup/system_stats_service_cgroup/1592429100/1592602200/portal03/#webhook",
      "log_name": "kubelet",
      "severity": "E",
      "count": 54,
      "event_text": "E0618 14:27:20.339899     994 summary_sys_containers.go:47] Failed to get system container stats for \\\"/system.slice/docker.service\\\": failed to get cgroup stats for \\\"/system.slice/docker.service\\\": failed to get container info for \\\"/system.slice/docker.service\\\": unknown container \\\"/system.slice/docker.service\\\""
    },
    {
      "etype": "prepared_name_command_select_numargs_write",
      "etype_url": "https://portal11.zebrium.com:443/0/etypelookup/prepared_name_command_select_numargs_write/1592429100/1592602200/portal03/#webhook",
      "log_name": "zwsd",
      "severity": "ERROR",
      "count": 37,
      "event_text": "Jun 18 14:26:48.122576 ERROR connection: -> FAILED SENDING Parse: PreparedName = \\\"S115925156082030536565\\\", Command = \\\"select 1 as test\\\", NumArgs = 0: write tcp 10.100.1.177:36124->172.31.54.255:5433: write: broken pipe"
    },
    {
      "etype": "database_driver_failed_broken",
      "etype_url": "https://portal11.zebrium.com:443/0/etypelookup/database_driver_failed_broken/1592429100/1592602200/portal03/#webhook",
      "log_name": "zwsd",
      "severity": "ERROR",
      "count": 19,
      "event_text": "2020-06-18T14:26:48.122535497-07:00 1 error db.go 176: database driver odbc failed ping, err = write tcp 10.100.1.177:36124->172.31.54.255:5433: write: broken pipe"
    }
  ]
}