cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Adding result of DQL in Problem detail

AK
Pro

Hello Folks,

I have one DQL which is fetching a logs and searching through one error statement.

In result, it returns few column containing error pattern (that I have added in DQL as a filter) and also few other columns/fields like used ID, Trace ID, request ID.

I wanted to check though this logs every five minutes and get alerted if the log entries have that error pattern and most important thing is, problem should carry all the information i.e. used ID, Trace ID, request ID.

I tried configuring Davis anomaly detection (converting it into timeseries) but we only can pass available placeholders like alert condition, baseline, severity, threshold.

Is that something achievable? Can someone please guide.

Regards,

AK

 

 

2 REPLIES 2

ChadTurner
DynaMight Legend
DynaMight Legend

You can achieve this by adding in custom attributes. This will allow you to extract out segments of the log file and list it, much like a request attribute. Once you build that, you can then define the alert criteria and include the new custom attribute as a placeholder in the alert payload. 

-Chad

RohitBisht
Dynatrace Advisor
Dynatrace Advisor

Hi @AK ,

Another way than what Chad has mentioned to do this is using a DQL like this.
Filter by the error and split by the column you want in a timeseries. Once you get the required results you can use the anomaly detector app to configure alerts.


fetch logs

| filter trace_id != "NULL"
| makeTimeseries count(), by: {trace_id,aws.account.id}

RB

Featured Posts