Monitors
  • Dark
    Light

Monitors

  • Dark
    Light

Overview

You can use this document to learn about the Monitors page in the Edge Delta App.


Concepts

There are 2 types of monitors:

  • alert-based monitors
  • agent-based monitors

Alert-Based Monitors

Edge Delta collects and analyzes logs and metrics via the Edge Delta agent to provide valuable insight about the monitored systems.

Alert-based monitors are a mechanism to notify you about significant changes in your system.

Alert-based monitors expose anomalous behaviors identified with seasonal data, such as:

  • Collective negative sentiment increase in system logs
  • Individual negative sentiment increase in individual system events
  • Correlated increase in agent signals from different individual source such as negative metrics hitting thresholds
  • Anomalies in system-wide monitored metrics

Review the following default alert-based monitors that are defined for each organization:

  • Pattern Check Alerts
  • Pattern Skyline Alerts
  • Correlated Signal Alerts

Agent-Based Monitors

These monitors focus on the status of the Edge Delta agent, such as an inactive agent. Based on the status of the monitored agent, a notification can be sent to all members of the Admin group.

Review the following default agent-based monitor types that are added to every new account:

  • agent-down Monitor
  • crashloop Monitor
  • agent-destination Monitor

Reference

Alert-Based Monitors

Review the following monitor types.


Pattern Check (Pattern Alert)

This monitor:

  • Continuously processes collected event patterns with negative sentiment from multiple sources, and then
  • Notifies the anomalies in individual outlying events.

By default, configured agents that collect logs from different sources will send analyzed event patterns to the Edge Delta backend, which will be used by this monitor.

This monitor does not require any agent configuration to function.

Note

To learn how to create a custom alert monitor, see Patterns.


Pattern Skyline (Skyline Alert)

This monitor type:

  • Continuously processes the collected event patterns with negative sentiment from multiple sources, and then
  • Notifies the anomalies in different types of events collectively.

By default, configured agents that collect logs from different sources will send analyzed event patterns to the Edge Delta backend, which will be used by this monitor.

This monitor does not require any agent configuration to function.

Note

To learn how to create a custom alert monitor, see Patterns.


Correlated Signal Alerts

This monitor:

  • Continuously processes collected event patterns with negative sentiment from multiple sources, and then
  • Notifies the anomalies in individual outlying events.

In other words, if an usually high number of anomalies is detected, then a Correltated-Signal event will generate.

You can create this alert type in the Insights page.


Custom Metrics

This monitor processes the cumulative value of a specific metric within a configured scope.

Instead of signals, this monitor processes actual metrics to define a scope-wide threshold with control.

While this monitor can be managed in the Monitors page, you can only create this monitor in the Metrics page.

Note

To learn how to create a custom metric, see Metrics.


Agent-Based Monitors

Review the following default agent-based monitor types that are added to every new account.


agent-down Monitor

Th agent_down monitor notifies users when an agent is inactive.

The default alert will send an email to all members of the Admin group.


crashloop Monitor

The crashloop monitor notifies users when an agent is crashing.

The default alert will send an email to all members of the Admin group.


agent-destination Monitor

The agent_destination monitor notifies users when a steaming destination cannot be reached.

The default alert will send an email to all members of the Admin group.


Instructions


Create an Agent-Based Monitor

Note

To create a custom alert monitor, navigate to the Patterns page of the Edge Delta App, and then click Skyline Alert or Pattern Alert.

  • To learn how to create a custom alert monitor, see Patterns.
Note

To create a custom metrics monitors, navigate to the Metrics page of the Edge Delta App.

  • To learn how to create a custom metric, see Metrics.
  1. In the Edge Delta App, on the left-side navigation, click Data Pipeline, and then click Monitors.
  2. Click** Create Monitors**.
  3. Under Enabled, mark Enabled to immediately activate the monitor.
    • Mark Disabled to keep the monitor off. You can enable the monitor at a later time.
  4. Under Name, enter a descriptive name for the monitor.
  5. Under Type, select a monitor type.
  6. Based on the selected monitor type, review the following additional fields to complete. Afterwards, click Create Monitor.

Review additional fields for agent-down:

Field Description
Agent Unit Select the number of agents (count) or the percentage of agents (percentage) that must be down in order to trigger an alert.
Agent Tags Select the tag of an agent configuration to add to the monitor.
Email Recipients Enter an email address (or addresses) that should receive an alert. If you leave this field blank, then by default, only you (the creator of the monitor) will receive the alert.
Trigger Endpoints Select a triggering output / integration to receive the alert.
Suppression Window Specify a timeframe to pause notifications for similar alerts.
Timezone Select a timezone to display alerts.

Review additional fields for crashloop:

Field Description
Window Size Select how long Edge Delta should monitor a crashed agent before an alert is triggered.
Threshold Select how many times an agent can crash within the configured Window Size before an alert is triggered.
Agent Tags Select the tag of an agent configuration to add to the monitor.
Email Recipients Enter an email address (or addresses) that should receive an alert. If you leave this field blank, then by default, only you (the creator of the monitor) will receive the alert.
Trigger Endpoints Select a triggering output / integration to receive the alert.
Suppression Window Specify a timeframe to pause notifications for similar alerts.
Timezone Select a timezone to display alerts.

Review additional fields for agent-destination:

Field Description
Minimum Agent Count Enter the minimum number of agents that must experience a streaming issues before an alert is triggered. You must enter at least 1.
Alert For Transient Mark true (or false) to trigger an alert when an agent experiences a transient failure, specifically when the streaming destination has had a failure in the past 10 minutes.
Agent Tags Select the tag of an agent configuration to add to the monitor.
Email Recipients Enter an email address (or addresses) that should receive an alert. If you leave this field blank, then by default, only you (the creator of the monitor) will receive the alert.
Trigger Endpoints Select a triggering output / integration to receive the alert.
Suppression Window Specify a timeframe to pause notifications for similar alerts.
Timezone Select a timezone to display alerts.

Update an Existing Monitor

  1. In the Edge Delta App, on the left-side navigation, click Observability, and then click Monitors.
  2. Locate the desired monitor, then under Actions, click the vertical ellipses, and then click Edit.
  3. Make your changes, and then click Save.


Was this article helpful?

What's Next
Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.