I am sending alerts when a certain condition is met on the looker dashboard. However the mail i.e. alert sent by looker is very limited. I wanted to know if there is any way to attach certain variables, current_time and other details to it when alert is triggered. As of now what I see is that it has capability to send only text along with dashboard link.
I would like to have something like:
An alert was triggered from #{variable1} at #{current_time}
where the #{variable1}, #{current_time} can be treated as variables.
I am not sure if there is any support for it or not. So far documentation didn't help me.
Related
I have a series of logs inside my Cloudwatch Log groups.
They look like this:
2023-01-27T08:00:00 - {LogTitle} Unfortunately {DataName} has an error {error}
I want to be able to send individual emails for specific LogTitles and specific DataNames.
I might want to know about the "LogTitle": "Importer" and get an email but I don't want others as they happen too frequently.
Any idea how I should approach this?
I have read about using Dimensions inside a metric alarm and metric filter but I don't know much about it.
Also, I intend to use Terraforms to code this AWS log service as infrastructure. That way I can deploy it again easily without going through manual AWS set up.
Any help appreciated to point me in the right direction.
Thanks.
I'm sending data to Splunk and everything is working just fine, i can see the data that i'm sending and run a query and get results. Right now I'm only using a test data set, but eventually people will be sending their own fields (as well as the mandatory ones). My question is, since I don't know what kind of data they will be sending, can I still set up alerts for them? Can I create something general?
It's pretty hard to create a generic alert that's actually useful. You may be able to craft something using the mandatory fields, but it may not be all that helpful.
If you're opposed to letting users create their own alerts then let them come to you with what they want.
I've run into a few different issues with the PagerDuty integration in Splunk Cloud.
The documentation on PagerDuty's site is either outdated, not applicable to Splunk Cloud or else there's something wrong with the way my Splunk Cloud account is configured (could be a permissions issue): https://www.pagerduty.com/docs/guides/splunk-integration-guide/. I don't see an Alert Actions page in Splunk Cloud, I have a Searches, Reports and Alerts page though.
I've configured PD alerts in Splunk using the alert_logevent app but it's not clear if I should instead be using some other app. These alerts do fire when there are search hits but I'm seeing another issue (below). The alert_webhook app type seems like it might be appropriate but I was unable to get it to work correctly. I cannot create an alert type using the pagerduty_incident app. . . although I can set it as a Trigger Action (I guess this is how it's supposed to work, I don't find the UI to intuitive here).
When my alerts fire and create incidents in PagerDuty, I do not see a way to set the PagerDuty incident severity.
Also, the PD incidents include a link back to Splunk, which I believe should open the query with the search hits which generated the alert. However, the link brings me to a page with a Page Not Found! error. It contains a link to "more information about my request" which brings up a Splunk query with no hits. This query looks like "index=_internal, host=SOME_HOST_ON_SPLUNK_CLOUD, source=*web_service.log, log_level=ERROR, requestid=A_REQUEST_ID". It it not clear to me if this is a config issue, bug in Splunk Cloud or possibly even a permissions issue for my account.
Any help is appreciated.
I'm also a Splunk Cloud + PagerDuty customer and ran into the same issue. The PagerDuty App for Splunk seems to create all incidents as Critical but you can set different severities with event rules.
One way to do this is dynamically is to rename your Splunk alerts with the desired severity level and then create a PagerDuty event rule for each level that looks for the keyword in the Summary. For example...
If the following condition is met:
Summary contains "TEST"
Then perform the following actions:
Set severity = Info
screenshot of the example in the event rule edit screen
It's a bit of pain to rename your existing alerts in Splunk but it works.
If your severity levels in Splunk are programmatically set like in Enterprise Security, then another method would be to modify the PagerDuty App for Splunk to send the $alert.severity$ custom alert action token as a custom detail in the webhook payload and use that as event rule condition instead of Summary... but that seems harder.
I am using Python and have previously built Telegram chatbot before.
However, now I want to create a chatbot such that when someone invites it, it will send an initial message that says something like "type /start for instructions".
This is to make sure that they know what to do when they first invite the bot. Can this be possibly done?
I am trying to use bot.send_message(chat_id=chat_id, text="type /start for instructions") but the problem is I don't know how I could obtain the chat_id.
Unfortunately, you cannot do it :(
Here has another way you might interested: /setdescription in #BotFather.
It will be shown in the What can this bot do? section as the picture below.
After digging this issue - here's what I've found:
The reason:
Intuitively it seems logical to allow a feature that sends a message to a user (as a reaction to the user's action for starting the chat). BUT, because telegram APIs are truly vast there is a fair chance for abuse in this format (a message with button that drives the user for action without the user truly understand the consequences). From here my question changed from "how to implement this mechanism?" to "Which alternative do I have?"
There is an alternative!
My initial goal was to make the "what can I do here" factor as clear and effortless to the user as possible. Technically speaking - all methods that can be invoked without the chat_id can be invoked as part of your bot setup process and will affect all users. One option is to create a list of commands to your bot. This list will appear when the user use the / operator and it's a common practice among chat users. For my intention - I needed something even simpler than that and I think that the setChatMenuButton is very suitable. This method allows you to create a web app and allows the user to simply click it instead of typing text. When clicking the button it triggers a dialog that clarifies to the user what's going on and from there - it's basically your imagination that will define how the end-user will experience your process. I managed to execute this call using a wrapper that I've build (which handles the base url as well as secret key) using this code:
await api.get('setChatMenuButton', {
menu_button: JSON.stringify({
type: 'web_app',
text: 'Name of your app here',
web_app: { url: 'https://your-domain.com/ppp/path/goes/here' }
}),
})
More about Telegram Web Apps
And a little screenshot from my experience:
I run a parse app that is basically an appointment system but I was wondering if there is a way that my app/parse can notify me when someone sets an appointment? As of right now I receive no emails or any kind of alert so I have to stay on the parse site, and refresh it every 5 minutes.
One thing you could do is write a cloud code pre save function that sends you an email automatically every time an appointment is saved.
https://parse.com/docs/cloud_code_guide#functions-onsave
That link should help you get started on writing a cloud code function on save for your objects.
As far as sending an email from Javascript, I believe it is doable, here is an example of part of a response that could help you:
http://stackoverflow.com/questions/7381150/how-to-send-an-email-from-javascript