iankelling.org
/
git
/
distro-setup
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
fixes and alert improvements
[distro-setup]
/
filesystem
/
etc
/
prometheus
/
rules
/
iank.yml
diff --git
a/filesystem/etc/prometheus/rules/iank.yml
b/filesystem/etc/prometheus/rules/iank.yml
index 75b5cbcfc760925b79d51fd6c3262de7a6186a97..4f3bb04ee5e8e0ee5129638dcbc43c6c6458ea9b 100644
(file)
--- a/
filesystem/etc/prometheus/rules/iank.yml
+++ b/
filesystem/etc/prometheus/rules/iank.yml
@@
-44,7
+44,10
@@
groups:
###### END MISC NOTES ######
###### END MISC NOTES ######
-
+# various queries only look at increases, so invert the up metric so we
+# can better query on down.
+ - record: down
+ expr: up == bool 0
# alerting on missing metrics:
# alerting on missing metrics:
@@
-85,11
+88,25
@@
groups:
severity: warn
- alert: sysd_result_fail
severity: warn
- alert: sysd_result_fail
+ # not sure 30m is really needed, it prevents the alert from flapping
+ # i guess.
expr: |-
rate(node_systemd_unit_result_fail_count[30m]) > 0
labels:
severity: day
expr: |-
rate(node_systemd_unit_result_fail_count[30m]) > 0
labels:
severity: day
+ - alert: exim_paniclog
+ expr: |-
+ exim_paniclog > 0
+ labels:
+ severity: warn
+
+ - alert: check_crypttab
+ expr: |-
+ check_crypttab > 0
+ labels:
+ severity: prod
+
- alert: mailtest_check_vps
expr: |-
time() - mailtest_check_last_usec{job="tlsnode"} >= 60 * 12
- alert: mailtest_check_vps
expr: |-
time() - mailtest_check_last_usec{job="tlsnode"} >= 60 * 12
@@
-98,14
+115,13
@@
groups:
annotations:
summary: '12 minutes down'
annotations:
summary: '12 minutes down'
- # 42 mins: enough for a 30 min queue run plus 12
- - alert: mailtest_check_vps
+ - alert: mailtest_check_unexpected_spamd_vps
expr: |-
expr: |-
- time() - mailtest_check_last_usec{job="tlsnode"} >= 60 * 42
+ mailtest_check_unexpected_spamd_results >= 1
labels:
labels:
- severity:
prod
+ severity:
day
annotations:
annotations:
- summary: '
42 minutes down
'
+ summary: '
jr -u mailtest-check -e
'
- alert: mailtest_check_mailhost
expr: |-
- alert: mailtest_check_mailhost
expr: |-
@@
-115,14
+131,14
@@
groups:
annotations:
summary: '12 minutes down'
annotations:
summary: '12 minutes down'
- #
42 mins: enough for a 30 min queue run plus 12
- - alert: mailtest_check_mailhost
+ #
20 minutes. just allow for more due to prod alert.
+ - alert: mailtest_check_
gnu_
mailhost
expr: |-
expr: |-
- time() - max by (folder,from) (mailtest_check_last_usec{
job="node"}) >= 60 * 42
+ time() - max by (folder,from) (mailtest_check_last_usec{
folder="/m/md/l/testignore", from="iank@gnu.org"}) >= 60 * 20
labels:
severity: prod
annotations:
labels:
severity: prod
annotations:
- summary: '
42
minutes down'
+ summary: '
20
minutes down'
- alert: 1pmtest
- alert: 1pmtest
@@
-161,11
+177,11
@@
groups:
# avg_over_time(node_systemd_unit_state{name="dynamicipupdate.service",state="active"}[1d]) < .95
- alert: up_resets
expr: |-
# avg_over_time(node_systemd_unit_state{name="dynamicipupdate.service",state="active"}[1d]) < .95
- alert: up_resets
expr: |-
- resets(up[
2d]) - changes(node_boot_time_seconds[2
d]) > 12
+ resets(up[
1d]) - changes(node_boot_time_seconds[1
d]) > 12
labels:
severity: warn
annotations:
labels:
severity: warn
annotations:
- summary: "Target has gone down {{ $value }} times in
2 days
, > 12"
+ summary: "Target has gone down {{ $value }} times in
1 day
, > 12"