+# other rules to consider:
+# filesystem, network, ntp rules:
+# https://github.com/cloudalchemy/ansible-prometheus defaults/main.yml
+# on my system, the interpolated values are in /a/opt/ansible-prometheus/rules.yml
+#
+
groups:
-- name: standard alerts
+- name: standard
rules:
- alert: mailtest-check
expr: |-
severity: day
annotations:
description: '{{ $labels.instance }} mailtest-check'
- summary: {{ $labels.instance }} mailtest-check
+ summary: '{{ $labels.instance }} mailtest-check'
+ # 42 mins: enough for a 30 min queue run plus 12
- alert: mailtest-check
expr: |-
- # 42 mins: enough for a 30 min queue run plus 12
time() - mailtest_check_last_usec > 60 * 42
labels:
severity: prod
annotations:
description: '{{ $labels.instance }} mailtest-check'
- summary: {{ $labels.instance }} mailtest-check
+ summary: '{{ $labels.instance }} mailtest-check'
+ - alert: 1pmtest
+ expr: hour() == 18 and minute() < 5
+ for: 0m
+ labels:
+ severity: daytest
+ annotations:
+ summary: Prometheus daily test alert (instance {{ $labels.instance }})
+ description: "Prometheus daily test alert if no other alerts. It
+ is an end to end test.\n VALUE = {{ $value }}\n LABELS = {{ $labels }}"
- # - alert: NodeFilesystemAlmostOutOfSpace
- # annotations:
- # description: Filesystem on {{ $labels.device }} at {{ $labels.instance }} has
- # only {{ printf "%.2f" $value }}% available space left.
- # summary: Filesystem has less than 5% space left.
- # expr: |-
- # (
- # node_filesystem_avail_bytes{job="node",fstype!=""} / node_filesystem_size_bytes{job="node",fstype!=""} * 100 < 5
- # and
- # node_filesystem_readonly{job="node",fstype!=""} == 0
- # )
- # for: 1h
- # labels:
- # severity: warning
- # - alert: NodeFilesystemAlmostOutOfSpace
- # annotations:
- # description: Filesystem on {{ $labels.device }} at {{ $labels.instance }} has
- # only {{ printf "%.2f" $value }}% available space left.
- # summary: Filesystem has less than 3% space left.
- # expr: |-
- # (
- # node_filesystem_avail_bytes{job="node",fstype!=""} / node_filesystem_size_bytes{job="node",fstype!=""} * 100 < 3
- # and
- # node_filesystem_readonly{job="node",fstype!=""} == 0
- # )
- # for: 1h
- # labels:
- # severity: critical
- # - alert: NodeFilesystemFilesFillingUp
- # annotations:
- # description: Filesystem on {{ $labels.device }} at {{ $labels.instance }} has
- # only {{ printf "%.2f" $value }}% available inodes left and is filling up.
- # summary: Filesystem is predicted to run out of inodes within the next 24 hours.
- # expr: |-
- # (
- # node_filesystem_files_free{job="node",fstype!=""} / node_filesystem_files{job="node",fstype!=""} * 100 < 40
- # and
- # predict_linear(node_filesystem_files_free{job="node",fstype!=""}[6h], 24*60*60) < 0
- # and
- # node_filesystem_readonly{job="node",fstype!=""} == 0
- # )
- # for: 1h
- # labels:
- # severity: warning
- # - alert: NodeFilesystemFilesFillingUp
- # annotations:
- # description: Filesystem on {{ $labels.device }} at {{ $labels.instance }} has
- # only {{ printf "%.2f" $value }}% available inodes left and is filling up fast.
- # summary: Filesystem is predicted to run out of inodes within the next 4 hours.
- # expr: |-
- # (
- # node_filesystem_files_free{job="node",fstype!=""} / node_filesystem_files{job="node",fstype!=""} * 100 < 20
- # and
- # predict_linear(node_filesystem_files_free{job="node",fstype!=""}[6h], 4*60*60) < 0
- # and
- # node_filesystem_readonly{job="node",fstype!=""} == 0
- # )
- # for: 1h
- # labels:
- # severity: critical
- # - alert: NodeFilesystemAlmostOutOfFiles
- # annotations:
- # description: Filesystem on {{ $labels.device }} at {{ $labels.instance }} has
- # only {{ printf "%.2f" $value }}% available inodes left.
- # summary: Filesystem has less than 5% inodes left.
- # expr: |-
- # (
- # node_filesystem_files_free{job="node",fstype!=""} / node_filesystem_files{job="node",fstype!=""} * 100 < 5
- # and
- # node_filesystem_readonly{job="node",fstype!=""} == 0
- # )
- # for: 1h
- # labels:
- # severity: warning
- # - alert: NodeFilesystemAlmostOutOfFiles
- # annotations:
- # description: Filesystem on {{ $labels.device }} at {{ $labels.instance }} has
- # only {{ printf "%.2f" $value }}% available inodes left.
- # summary: Filesystem has less than 3% inodes left.
- # expr: |-
- # (
- # node_filesystem_files_free{job="node",fstype!=""} / node_filesystem_files{job="node",fstype!=""} * 100 < 3
- # and
- # node_filesystem_readonly{job="node",fstype!=""} == 0
- # )
- # for: 1h
- # labels:
- # severity: critical
- # - alert: NodeNetworkReceiveErrs
- # annotations:
- # description: '{{ $labels.instance }} interface {{ $labels.device }} has encountered
- # {{ printf "%.0f" $value }} receive errors in the last two minutes.'
- # summary: Network interface is reporting many receive errors.
- # expr: |-
- # increase(node_network_receive_errs_total[2m]) > 10
- # for: 1h
- # labels:
- # severity: warning
- # - alert: NodeNetworkTransmitErrs
- # annotations:
- # description: '{{ $labels.instance }} interface {{ $labels.device }} has encountered
- # {{ printf "%.0f" $value }} transmit errors in the last two minutes.'
- # summary: Network interface is reporting many transmit errors.
- # expr: |-
- # increase(node_network_transmit_errs_total[2m]) > 10
- # for: 1h
- # labels:
- # severity: warning
- # - alert: NodeHighNumberConntrackEntriesUsed
- # annotations:
- # description: '{{ $value | humanizePercentage }} of conntrack entries are used'
- # summary: Number of conntrack are getting close to the limit
- # expr: |-
- # (node_nf_conntrack_entries / node_nf_conntrack_entries_limit) > 0.75
+# https://awesome-prometheus-alerts.grep.to/rules
+
+
+# todo, we should probably group the prometheus alerts that indicate a
+# host-local problem.
+# eg, set a label alert-group: local-prom, then make a receiver that
+# groups by it when the alert-group is local-prom.
+
+- name: awesome prometheus alerts
+ rules:
+
+ - alert: PrometheusJobMissing
+ expr: absent(up{job="prometheus"})
+ for: 30m
+ labels:
+ severity: day
+ annotations:
+ summary: Prometheus job missing (instance {{ $labels.instance }})
+ description: "A Prometheus job has disappeared\n VALUE = {{ $value }}\n LABELS = {{ $labels }}"
+
+ - alert: PrometheusTargetMissing
+ expr: up == 0
+ for: 30m
+ labels:
+ severity: warn
+ annotations:
+ summary: Prometheus target missing (instance {{ $labels.instance }})
+ description: "A Prometheus target has disappeared. An exporter might be crashed.\n VALUE = {{ $value }}\n LABELS = {{ $labels }}"
+
+ # todo: this should supress the above alert
+ # - alert: PrometheusAllTargetsMissing
+ # expr: count by (job) (up) == 0
+ # for: 30m
# labels:
- # severity: warning
- # - alert: NodeClockSkewDetected
+ # severity: day
+ # alert-group: local-prom
# annotations:
- # message: Clock on {{ $labels.instance }} is out of sync by more than 300s. Ensure
- # NTP is configured correctly on this host.
- # summary: Clock skew detected.
- # expr: |-
- # (
- # node_timex_offset_seconds > 0.05
- # and
- # deriv(node_timex_offset_seconds[5m]) >= 0
- # )
- # or
- # (
- # node_timex_offset_seconds < -0.05
- # and
- # deriv(node_timex_offset_seconds[5m]) <= 0
- # )
- # for: 10m
+ # summary: Prometheus all targets missing (instance {{ $labels.instance }})
+ # description: "A Prometheus job does not have living target anymore.\n VALUE = {{ $value }}\n LABELS = {{ $labels }}"
+
+ - alert: PrometheusConfigurationReloadFailure
+ expr: prometheus_config_last_reload_successful != 1
+ for: 30m
+ labels:
+ severity: day
+ annotations:
+ summary: Prometheus configuration reload failure (instance {{ $labels.instance }})
+ description: "Prometheus configuration reload error\n VALUE = {{ $value }}\n LABELS = {{ $labels }}"
+
+ # I have an out of band alert to make sure prometheus is up. this
+ # looks like it would generate false positives. todo: think
+ # through what a valid crash loop detection would look like.
+ # - alert: PrometheusTooManyRestarts
+ # expr: changes(process_start_time_seconds{job=~"prometheus|pushgateway|alertmanager"}[15m]) > 10
+ # for: 0m
# labels:
# severity: warning
- # - alert: NodeClockNotSynchronising
# annotations:
- # message: Clock on {{ $labels.instance }} is not synchronising. Ensure NTP is configured
- # on this host.
- # summary: Clock not synchronising.
- # expr: |-
- # min_over_time(node_timex_sync_status[5m]) == 0
- # for: 10m
- # labels:
- # severity: warning
- # - alert: ianktest
- # expr: node_systemd_version >= 300
+ # summary: Prometheus too many restarts (instance {{ $labels.instance }})
+ # description: "Prometheus has restarted more than twice in the last 15 minutes. It might be crashlooping.\n VALUE = {{ $value }}\n LABELS = {{ $labels }}"
+
+ - alert: PrometheusAlertmanagerJobMissing
+ expr: absent(up{job="alertmanager"})
+ for: 30m
+ labels:
+ severity: warn
+ annotations:
+ summary: Prometheus AlertManager job missing (instance {{ $labels.instance }})
+ description: "A Prometheus AlertManager job has disappeared\n VALUE = {{ $value }}\n LABELS = {{ $labels }}"
+
+ - alert: PrometheusAlertmanagerConfigurationReloadFailure
+ expr: alertmanager_config_last_reload_successful != 1
+ for: 30m
+ labels:
+ severity: day
+ annotations:
+ summary: Prometheus AlertManager configuration reload failure (instance {{ $labels.instance }})
+ description: "AlertManager configuration reload error\n VALUE = {{ $value }}\n LABELS = {{ $labels }}"
+
+ - alert: PrometheusNotConnectedToAlertmanager
+ expr: prometheus_notifications_alertmanagers_discovered < 1
+ for: 30m
+ labels:
+ severity: day
+ annotations:
+ summary: Prometheus not connected to alertmanager (instance {{ $labels.instance }})
+ description: "Prometheus cannot connect the alertmanager\n VALUE = {{ $value }}\n LABELS = {{ $labels }}"
+
+ - alert: PrometheusRuleEvaluationFailures
+ expr: increase(prometheus_rule_evaluation_failures_total[3m]) > 0
+ for: 30m
+ labels:
+ severity: warn
+ annotations:
+ summary: Prometheus rule evaluation failures (instance {{ $labels.instance }})
+ description: "Prometheus encountered {{ $value }} rule evaluation failures, leading to potentially ignored alerts.\n VALUE = {{ $value }}\n LABELS = {{ $labels }}"
+
+ - alert: PrometheusTemplateTextExpansionFailures
+ expr: increase(prometheus_template_text_expansion_failures_total[3m]) > 0
+ for: 30m
+ labels:
+ severity: warn
+ annotations:
+ summary: Prometheus template text expansion failures (instance {{ $labels.instance }})
+ description: "Prometheus encountered {{ $value }} template text expansion failures\n VALUE = {{ $value }}\n LABELS = {{ $labels }}"
+
+ - alert: PrometheusRuleEvaluationSlow
+ expr: prometheus_rule_group_last_duration_seconds > prometheus_rule_group_interval_seconds
+ for: 5m
+ labels:
+ severity: warn
+ annotations:
+ summary: Prometheus rule evaluation slow (instance {{ $labels.instance }})
+ description: "Prometheus rule evaluation took more time than the scheduled interval. It indicates a slower storage backend access or too complex query.\n VALUE = {{ $value }}\n LABELS = {{ $labels }}"
+
+ - alert: PrometheusNotificationsBacklog
+ expr: min_over_time(prometheus_notifications_queue_length[30m]) > 0
+ for: 0m
+ labels:
+ severity: warn
+ annotations:
+ summary: Prometheus notifications backlog (instance {{ $labels.instance }})
+ description: "The Prometheus notification queue has not been empty for 10 minutes\n VALUE = {{ $value }}\n LABELS = {{ $labels }}"
+
+ - alert: PrometheusAlertmanagerNotificationFailing
+ expr: rate(alertmanager_notifications_failed_total[1m]) > 0
+ for: 30m
+ labels:
+ severity: warn
+ annotations:
+ summary: Prometheus AlertManager notification failing (instance {{ $labels.instance }})
+ description: "Alertmanager is failing sending notifications\n VALUE = {{ $value }}\n LABELS = {{ $labels }}"
+
+ # file_sd doesnt count as service discovery, so 0 is expected.
+ # - alert: PrometheusTargetEmpty
+ # expr: prometheus_sd_discovered_targets == 0
+ # for: 30m
# labels:
- # severity: critical
+ # severity: day
# annotations:
- # description: '{{ $labels.instance }} ianktest.'
- # summary: Instance {{ $labels.instance }} - ianktest
+ # summary: Prometheus target empty (instance {{ $labels.instance }})
+ # description: "Prometheus has no target in service discovery\n VALUE = {{ $value }}\n LABELS = {{ $labels }}"
+
+ - alert: PrometheusTargetScrapingSlow
+ expr: prometheus_target_interval_length_seconds{quantile="0.9"} > 90
+ for: 30m
+ labels:
+ severity: warn
+ annotations:
+ summary: Prometheus target scraping slow (instance {{ $labels.instance }})
+ description: "Prometheus is scraping exporters slowly\n VALUE = {{ $value }}\n LABELS = {{ $labels }}"
+
+ - alert: PrometheusLargeScrape
+ expr: increase(prometheus_target_scrapes_exceeded_sample_limit_total[10m]) > 10
+ for: 30m
+ labels:
+ severity: warn
+ annotations:
+ summary: Prometheus large scrape (instance {{ $labels.instance }})
+ description: "Prometheus has many scrapes that exceed the sample limit\n VALUE = {{ $value }}\n LABELS = {{ $labels }}"
+
+ - alert: PrometheusTargetScrapeDuplicate
+ expr: increase(prometheus_target_scrapes_sample_duplicate_timestamp_total[5m]) > 0
+ for: 30m
+ labels:
+ severity: warn
+ annotations:
+ summary: Prometheus target scrape duplicate (instance {{ $labels.instance }})
+ description: "Prometheus has many samples rejected due to duplicate timestamps but different values\n VALUE = {{ $value }}\n LABELS = {{ $labels }}"
+
+ - alert: PrometheusTsdbCheckpointCreationFailures
+ expr: increase(prometheus_tsdb_checkpoint_creations_failed_total[1m]) > 0
+ for: 30m
+ labels:
+ severity: warn
+ annotations:
+ summary: Prometheus TSDB checkpoint creation failures (instance {{ $labels.instance }})
+ description: "Prometheus encountered {{ $value }} checkpoint creation failures\n VALUE = {{ $value }}\n LABELS = {{ $labels }}"
+
+ - alert: PrometheusTsdbCheckpointDeletionFailures
+ expr: increase(prometheus_tsdb_checkpoint_deletions_failed_total[1m]) > 0
+ for: 30m
+ labels:
+ severity: warn
+ annotations:
+ summary: Prometheus TSDB checkpoint deletion failures (instance {{ $labels.instance }})
+ description: "Prometheus encountered {{ $value }} checkpoint deletion failures\n VALUE = {{ $value }}\n LABELS = {{ $labels }}"
+
+ - alert: PrometheusTsdbCompactionsFailed
+ expr: increase(prometheus_tsdb_compactions_failed_total[1m]) > 0
+ for: 30m
+ labels:
+ severity: warn
+ annotations:
+ summary: Prometheus TSDB compactions failed (instance {{ $labels.instance }})
+ description: "Prometheus encountered {{ $value }} TSDB compactions failures\n VALUE = {{ $value }}\n LABELS = {{ $labels }}"
+
+ - alert: PrometheusTsdbHeadTruncationsFailed
+ expr: increase(prometheus_tsdb_head_truncations_failed_total[1m]) > 0
+ for: 30m
+ labels:
+ severity: warn
+ annotations:
+ summary: Prometheus TSDB head truncations failed (instance {{ $labels.instance }})
+ description: "Prometheus encountered {{ $value }} TSDB head truncation failures\n VALUE = {{ $value }}\n LABELS = {{ $labels }}"
+
+ - alert: PrometheusTsdbReloadFailures
+ expr: increase(prometheus_tsdb_reloads_failures_total[1m]) > 0
+ for: 30m
+ labels:
+ severity: warn
+ annotations:
+ summary: Prometheus TSDB reload failures (instance {{ $labels.instance }})
+ description: "Prometheus encountered {{ $value }} TSDB reload failures\n VALUE = {{ $value }}\n LABELS = {{ $labels }}"
+
+ - alert: PrometheusTsdbWalCorruptions
+ expr: increase(prometheus_tsdb_wal_corruptions_total[1m]) > 0
+ for: 30m
+ labels:
+ severity: warn
+ annotations:
+ summary: Prometheus TSDB WAL corruptions (instance {{ $labels.instance }})
+ description: "Prometheus encountered {{ $value }} TSDB WAL corruptions\n VALUE = {{ $value }}\n LABELS = {{ $labels }}"
+
+ - alert: PrometheusTsdbWalTruncationsFailed
+ expr: increase(prometheus_tsdb_wal_truncations_failed_total[1m]) > 0
+ for: 30m
+ labels:
+ severity: warn
+ annotations:
+ summary: Prometheus TSDB WAL truncations failed (instance {{ $labels.instance }})
+ description: "Prometheus encountered {{ $value }} TSDB WAL truncation failures\n VALUE = {{ $value }}\n LABELS = {{ $labels }}"
/usr/local/bin/log-once "$@" | ifne mail -s "$HOSTNAME: system-status $2" daylerts@iankelling.org
}
-
+# todo, consider migrating some of these alerts into prometheus
write-status() {
chars=("${first_chars[@]}")
+ services=(
+ epanicclean
+ systemstatus
+ btrfsmaintstop
+ dynamicipupdate
+ )
+ bads=()
+ if systemctl show -p SubState --value ${services[@]} | egrep -v '^(running|)$'; then
+ for s in ${services[@]}; do
+ if [[ $(systemctl show -p SubState --value $s) != running ]]; then
+ bads+=($s)
+ fi
+ done
+ chars+=(MYSERS)
+
+ fi
+ lo -240 mysers ${bads[*]}
+
+ services=(
+ prometheus-node-exporter
+ prometheus-alertmanager
+ prometheus
+ )
+ case $HOSTNAME in
+ kd)
+ bads=()
+ if systemctl show -p SubState --value ${services[@]} | egrep -v '^(running|)$'; then
+ for s in ${services[@]}; do
+ if [[ $(systemctl show -p SubState --value $s) != running ]]; then
+ bads+=($s)
+ fi
+ done
+ chars+=(PROM)
+ fi
+ lo -240 prom ${bads[*]}
+ ;;
+ esac
+
# clock us out in timetrap if are idle too long
if [[ -e /p/.timetrap.db ]]; then
export DISPLAY=:0
glob=(/nocow/btrfs-stale/*)
if [[ -e ${glob[0]} ]]; then
- chars+=("STALE")
+ chars+=(STALE)
fi
+ var_mail_msg=
if [[ $(find /var/mail -type f \! -empty -print -quit) ]]; then
var_mail_msg="message in /var/mail"
fi
loday -1 var_mail $var_mail_msg
+
+ bouncemsg=
glob=(/m/md/bounces/new/*)
if [[ -e ${glob[0]} ]]; then
- chars+=("BOUNCE")
+ chars+=(BOUNCE)
bouncemsg="message in /m/md/bounces/new"
fi
loday -1 bounce $bouncemsg
# but its good enough for me.
glob=(/m/md/alerts/{new,cur}/!(*,S))
if [[ -e ${glob[0]} ]]; then
- chars+=("A")
+ chars+=(A)
fi
glob=(/m/md/daylerts/{new,cur}/!(*,S))
if [[ -e ${glob[0]} ]]; then
- chars+=("L")
+ chars+=(DAY)
fi
tmp=(/var/local/cron-errors/mailtest-check*)
if (( ${#tmp[@]} )); then
- chars+=("MAILPING")
+ chars+=(MAILPING)
fi
tmp=(/var/local/cron-errors/mailtest-slow*)
if (( ${#tmp[@]} )); then
- chars+=("SPAMD")
+ chars+=(SPAMD)
fi
# early in install process, we dont have permission yet for exiqgrep.
# 1100 helps allow for system restarts
qlen=$(/usr/sbin/exiqgrep -o 1100 -c -b | awk '{print $1}') ||:
+ qmsg=
if ((qlen)); then
qmsg="queue length $qlen"
chars+=("q $qlen")
# these conditions are so we dont have an overly verbose prompt
if $begin && $end; then
- chars+=("D")
+ chars+=(D)
elif $begin; then
- chars+=("DB")
+ chars+=(DB)
elif $end; then
- chars+=("DE")
+ chars+=(DE)
else
f=~/.local/conflink
# shellcheck disable=SC2043
# Just because i forget a lot, -mmin -NUM means files modified <= NUM minutes ago
if (( fmin < 0 )) && [[ $(find ${all_dirs[@]} -mmin $fmin -type f -print -quit 2>/dev/null) ]]; then
v conflink newer filesystem files
- chars+=("CONFLINK")
+ chars+=(CONFLINK)
break
fi
fi
if (( $(date -d "$(git log --diff-filter=ACR --format=%aD -1)" +%s) > fsec )); then
v conflink: newer files checked in to git
- chars+=("CONFLINK")
+ chars+=(CONFLINK)
break
fi
done < <(git ls-files -o --exclude-standard)
if [[ ${untracked[0]} && $(find "${untracked[@]}" -mmin $fminplus -type f -print -quit) ]]; then
v conflink: untracked in $d
- chars+=("CONFLINK")
+ chars+=(CONFLINK)
break
fi
done
fi
if [[ ! -e $f || $(<$f) != 0 ]]; then
v conflink: last run not found or failed
- chars+=("CONFLINK")
+ chars+=(CONFLINK)
break
fi
done
fi
-# if [[ $(grep -v "exim user lost privilege for using -C option" /var/log/exim4/paniclog 2>/dev/null ||:) ]]; then
+ # if [[ $(grep -v "exim user lost privilege for using -C option" /var/log/exim4/paniclog 2>/dev/null ||:) ]]; then
if [[ -s /var/log/exim4/paniclog ]]; then
chars+=("PANIC!")
# leave it up to epanic-clean to send email notification
if [[ $MAIL_HOST == "$HOSTNAME" ]]; then
bbkmsg=
if [[ $(systemctl is-active btrbk.timer) != active ]]; then
- chars+=("BTRBK.TIMER")
- bbkmsg="btrbk.timer not enabled"
+ chars+=(BTRBK.TIMER)
+ bbkmsg="not enabled"
fi
- lo -48 btrbk.timer $bbkmsg
+ lo -480 btrbk.timer $bbkmsg
## check if last snapshot was within an hour
vol=o
maxtime=$t
fi
done
+ snapshotmsg=
if (( maxtime < now - 4*60*60 )); then
- chars+=("OLD-SNAP")
+ chars+=(OLD-SNAP)
snapshotmsg="/o snapshot older than 4 hours"
fi
lo -1 old-snapshot $snapshotmsg
fi
main-loop() {
-while true; do
- power=true
- if [[ -e /sys/class/power_supply/AC/online && $(</sys/class/power_supply/AC/online) == 0 ]]; then
- power=false
- fi
- wait=15
- if ! $power; then
- wait=60
- fi
+ while true; do
+ power=true
+ if [[ -e /sys/class/power_supply/AC/online && $(</sys/class/power_supply/AC/online) == 0 ]]; then
+ power=false
+ fi
+ wait=15
+ if ! $power; then
+ wait=60
+ fi
- sleep $wait
- write-status
-done
+ sleep $wait
+ write-status
+ done
}
# ensure our long operations are one line so we are not prone errors
iankelling.org / git / distro-setup / commitdiff