I am trying to get alert via stack driver using logs from my server. My log entry will have an attribute health_status whose value can be [true/false], I wanted to create an alerting policy which triggers an alert if the last log entry's health_status is false. I succeeded that part(By creating a metric with the label - health_status, defining an alerting policy, if health_status = false), but the complexity is, the log entry will be updated every 15 minutes, I don't want to get notified if an alert is already triggered in the past 15 minutes. (i.e) if in the first 15 minutes, health_status = true, in the next 15 minutes, health_status = false, I need an alert. But, if in the first 15 minutes, health_status = false, in the next 15 minutes, health_status = false, I don't need an alert. Is it possible to implement such an alerting policy in stack driver? Thanks in advance!
1 Answers
0
votes
I believe you can leverage the alerting policy to add multiple conditions.
You can set your first condition to trigger if the value = true for the first 15 minutes
For your second condition, you can add an opposite value that contradicts the first statement.
You can then configure the policy trigger, forcing the alert to be triggered only if both policies are met. Meaning that if in the first 15 minutes value is true and the second 15 minutes value is false, then all conditions are met and this will trigger the alert.
