Home Explore Help
Sign In
SMusatov
/
netdata
mirror of https://github.com/netdata/netdata.git
1
0
Fork 0
Files Wiki
Branch: v1.38
Branches Tags
netdata
/
health
/
health.d
/
web_log.conf

web_log.conf 6.6 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210 
  1. 

  2. # unmatched lines
    3. 

  3. 

  4. # the following alarms trigger only when there are enough data.
    5. 

  5. # we assume there are enough data when:
    6. 

  6. #
    7. 

  7. #  $1m_total_requests > 120
    8. 

  8. #
    9. 

  9. # i.e. when there are at least 120 requests during the last minute
    10. 

  10. 

  11.  template: web_log_1m_total_requests
    12. 

  12.        on: web_log.requests
    13. 

  13.     class: Workload
    14. 

  14.      type: Web Server
    15. 

  15. component: Web log
    16. 

  16.  families: *
    17. 

  17.    lookup: sum -1m unaligned
    18. 

  18.      calc: ($this == 0)?(1):($this)
    19. 

  19.     units: requests
    20. 

  20.     every: 10s
    21. 

  21.      info: number of HTTP requests in the last minute
    22. 

  22. 

  23.  template: web_log_1m_unmatched
    24. 

  24.        on: web_log.excluded_requests
    25. 

  25.     class: Errors
    26. 

  26.      type: Web Server
    27. 

  27. component: Web log
    28. 

  28.  families: *
    29. 

  29.    lookup: sum -1m unaligned of unmatched
    30. 

  30.      calc: $this * 100 / $web_log_1m_total_requests
    31. 

  31.     units: %
    32. 

  32.     every: 10s
    33. 

  33.      warn: ($web_log_1m_total_requests > 120) ? ($this > 1) : ( 0 )
    34. 

  34.     delay: up 1m down 5m multiplier 1.5 max 1h
    35. 

  35.      info: percentage of unparsed log lines over the last minute
    36. 

  36.        to: webmaster
    37. 

  37. 

  38. # -----------------------------------------------------------------------------
    39. 

  39. # high level response code alarms
    40. 

  40. 

  41. # the following alarms trigger only when there are enough data.
    42. 

  42. # we assume there are enough data when:
    43. 

  43. #
    44. 

  44. #  $1m_requests > 120
    45. 

  45. #
    46. 

  46. # i.e. when there are at least 120 requests during the last minute
    47. 

  47. 

  48.  template: web_log_1m_requests
    49. 

  49.        on: web_log.type_requests
    50. 

  50.     class: Workload
    51. 

  51.      type: Web Server
    52. 

  52. component: Web log
    53. 

  53.  families: *
    54. 

  54.    lookup: sum -1m unaligned
    55. 

  55.      calc: ($this == 0)?(1):($this)
    56. 

  56.     units: requests
    57. 

  57.     every: 10s
    58. 

  58.      info: number of HTTP requests in the last minute
    59. 

  59. 

  60.  template: web_log_1m_successful
    61. 

  61.        on: web_log.type_requests
    62. 

  62.     class: Workload
    63. 

  63.      type: Web Server
    64. 

  64. component: Web log
    65. 

  65.  families: *
    66. 

  66.    lookup: sum -1m unaligned of success
    67. 

  67.      calc: $this * 100 / $web_log_1m_requests
    68. 

  68.     units: %
    69. 

  69.     every: 10s
    70. 

  70.      warn: ($web_log_1m_requests > 120) ? ($this < (($status >= $WARNING ) ? ( 95 ) : ( 85 )) ) : ( 0 )
    71. 

  71.      crit: ($web_log_1m_requests > 120) ? ($this < (($status == $CRITICAL) ? ( 85 ) : ( 75 )) ) : ( 0 )
    72. 

  72.     delay: up 2m down 15m multiplier 1.5 max 1h
    73. 

  73.      info: ratio of successful HTTP requests over the last minute (1xx, 2xx, 304, 401)
    74. 

  74.        to: webmaster
    75. 

  75. 

  76.  template: web_log_1m_redirects
    77. 

  77.        on: web_log.type_requests
    78. 

  78.     class: Workload
    79. 

  79.      type: Web Server
    80. 

  80. component: Web log
    81. 

  81.  families: *
    82. 

  82.    lookup: sum -1m unaligned of redirect
    83. 

  83.      calc: $this * 100 / $web_log_1m_requests
    84. 

  84.     units: %
    85. 

  85.     every: 10s
    86. 

  86.      warn: ($web_log_1m_requests > 120) ? ($this > (($status >= $WARNING ) ? (  1 ) : ( 20 )) ) : ( 0 )
    87. 

  87.     delay: up 2m down 15m multiplier 1.5 max 1h
    88. 

  88.      info: ratio of redirection HTTP requests over the last minute (3xx except 304)
    89. 

  89.        to: webmaster
    90. 

  90. 

  91.  template: web_log_1m_bad_requests
    92. 

  92.        on: web_log.type_requests
    93. 

  93.     class: Errors
    94. 

  94.      type: Web Server
    95. 

  95. component: Web log
    96. 

  96.  families: *
    97. 

  97.    lookup: sum -1m unaligned of bad
    98. 

  98.      calc: $this * 100 / $web_log_1m_requests
    99. 

  99.     units: %
    100. 

  100.     every: 10s
    101. 

  101.      warn: ($web_log_1m_requests > 120) ? ($this > (($status >= $WARNING)  ? ( 10 ) : ( 30 )) ) : ( 0 )
    102. 

  102.     delay: up 2m down 15m multiplier 1.5 max 1h
    103. 

  103.      info: ratio of client error HTTP requests over the last minute (4xx except 401)
    104. 

  104.        to: webmaster
    105. 

  105. 

  106.  template: web_log_1m_internal_errors
    107. 

  107.        on: web_log.type_requests
    108. 

  108.     class: Errors
    109. 

  109.      type: Web Server
    110. 

  110. component: Web log
    111. 

  111.  families: *
    112. 

  112.    lookup: sum -1m unaligned of error
    113. 

  113.      calc: $this * 100 / $web_log_1m_requests
    114. 

  114.     units: %
    115. 

  115.     every: 10s
    116. 

  116.      warn: ($web_log_1m_requests > 120) ? ($this > (($status >= $WARNING)  ? ( 1 ) : ( 2 )) ) : ( 0 )
    117. 

  117.      crit: ($web_log_1m_requests > 120) ? ($this > (($status == $CRITICAL) ? ( 2 ) : ( 5 )) ) : ( 0 )
    118. 

  118.     delay: up 2m down 15m multiplier 1.5 max 1h
    119. 

  119.      info: ratio of server error HTTP requests over the last minute (5xx)
    120. 

  120.        to: webmaster
    121. 

  121. 

  122. # -----------------------------------------------------------------------------
    123. 

  123. # web slow
    124. 

  124. 

  125. # the following alarms trigger only when there are enough data.
    126. 

  126. # we assume there are enough data when:
    127. 

  127. #
    128. 

  128. #  $1m_requests > 120
    129. 

  129. #
    130. 

  130. # i.e. when there are at least 120 requests during the last minute
    131. 

  131. 

  132.  template: web_log_10m_response_time
    133. 

  133.        on: web_log.request_processing_time
    134. 

  134.     class: Latency
    135. 

  135.      type: System
    136. 

  136. component: Web log
    137. 

  137.  families: *
    138. 

  138.    lookup: average -10m unaligned of avg
    139. 

  139.     units: ms
    140. 

  140.     every: 30s
    141. 

  141.      info: average HTTP response time over the last 10 minutes
    142. 

  142. 

  143.  template: web_log_web_slow
    144. 

  144.        on: web_log.request_processing_time
    145. 

  145.     class: Latency
    146. 

  146.      type: Web Server
    147. 

  147. component: Web log
    148. 

  148.  families: *
    149. 

  149.    lookup: average -1m unaligned of avg
    150. 

  150.     units: ms
    151. 

  151.     every: 10s
    152. 

  152.     green: 500
    153. 

  153.       red: 1000
    154. 

  154.      warn: ($web_log_1m_requests > 120) ? ($this > $green && $this > ($web_log_10m_response_time * 2) ) : ( 0 )
    155. 

  155.      crit: ($web_log_1m_requests > 120) ? ($this > $red   && $this > ($web_log_10m_response_time * 4) ) : ( 0 )
    156. 

  156.     delay: down 15m multiplier 1.5 max 1h
    157. 

  157.      info: average HTTP response time over the last 1 minute
    158. 

  158.   options: no-clear-notification
    159. 

  159.        to: webmaster
    160. 

  160. 

  161. # -----------------------------------------------------------------------------
    162. 

  162. # web too many or too few requests
    163. 

  163. 

  164. # the following alarms trigger only when there are enough data.
    165. 

  165. # we assume there are enough data when:
    166. 

  166. #
    167. 

  167. #  $5m_successful_old > 120
    168. 

  168. #
    169. 

  169. # i.e. when there were at least 120 requests during the 5 minutes starting
    170. 

  170. #      at -10m and ending at -5m
    171. 

  171. 

  172.  template: web_log_5m_successful_old
    173. 

  173.        on: web_log.type_requests
    174. 

  174.     class: Workload
    175. 

  175.      type: Web Server
    176. 

  176. component: Web log
    177. 

  177.  families: *
    178. 

  178.    lookup: average -5m at -5m unaligned of success
    179. 

  179.     units: requests/s
    180. 

  180.     every: 30s
    181. 

  181.      info: average number of successful HTTP requests for the 5 minutes starting 10 minutes ago
    182. 

  182. 

  183.  template: web_log_5m_successful
    184. 

  184.        on: web_log.type_requests
    185. 

  185.     class: Workload
    186. 

  186.      type: Web Server
    187. 

  187. component: Web log
    188. 

  188.  families: *
    189. 

  189.    lookup: average -5m unaligned of success
    190. 

  190.     units: requests/s
    191. 

  191.     every: 30s
    192. 

  192.      info: average number of successful HTTP requests over the last 5 minutes
    193. 

  193. 

  194.  template: web_log_5m_requests_ratio
    195. 

  195.        on: web_log.type_requests
    196. 

  196.     class: Workload
    197. 

  197.      type: Web Server
    198. 

  198. component: Web log
    199. 

  199.  families: *
    200. 

  200.      calc: ($web_log_5m_successful_old > 0)?($web_log_5m_successful * 100 / $web_log_5m_successful_old):(100)
    201. 

  201.     units: %
    202. 

  202.     every: 30s
    203. 

  203.      warn: ($web_log_5m_successful_old > 120) ? ($this > 200 OR $this < 50) : (0)
    204. 

  204.      crit: ($web_log_5m_successful_old > 120) ? ($this > 400 OR $this < 25) : (0)
    205. 

  205.     delay: down 15m multiplier 1.5 max 1h
    206. 

  206.   options: no-clear-notification
    207. 

  207.      info: ratio of successful HTTP requests over over the last 5 minutes, \
    208. 

  208.            compared with the previous 5 minutes \
    209. 

  209.            (clear notification for this alarm will not be sent)
    210. 

  210.        to: webmaster
    211.