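I have configured my server in Sumo Logic, and logging is being done in Sumo Logic. I want to enable some alerts based on the logs.
I see two options: 1) Scheduled Search 2) Metrics. My alerts should be based on certain execution times of requests, which are being logged in Sumo Logic. Currently I have done it with a scheduled search, and it works. Is there a better way to do this with metrics? In other words, do metrics serve a different purpose or have additional advantages?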
The difference is the data itself. Your logs have information that your metrics don't, and vice versa. You should alert based on the data you have that you want to alert on. Take into consideration the frequency of the logs or metrics you are sending to Sumo Logic.
Scheduled searches on logs are great for getting alerts; they have certain limitations.
Metrics have monitors for alerts. For your metrics query, you can set a monitor on a time series to alert when the metric has crossed a static threshold, and then send an email or Webhook notification. You can set a maximum of one critical alert, one warning alert, and one missing data alert for each monitor, each with one or more notification destinations.
Sumo Logic has detailed information on their features in their online documentation.