Hello everyone. We are trying to set up a Grafana InfluxDB log message alert to send an error notification whenever we get an error in a log message.
The InfluxDB query we are using to read the syslog logs is:
SELECT COUNT(distinct("data")) AS "count_data" FROM "telegraf"."autogen"."syslog"
WHERE $timeFilter AND "host"='thor' AND "path"='/var/log/syslog' AND "data" =~ /.*error|ERROR.*/
GROUP BY time(1m), host, path FILL(null)
Grafana alert template:
{{ define "log_template" }}
Status: {{ len .Alerts.Firing }} firing. {{ len .Alerts.Resolved }} resolved.
{{ range .Alerts -}}
Host: {{ .Labels.host }}
Message: {{ .Labels.last_data }}
Path: {{ .Labels.path }}
Summary: {{ .Annotations.summary }}
Labels:
- Operation: {{ .Labels.Operation }}
Dashboard URL: <a href="{{ .DashboardURL }}">Click to view dashboard</a>
Panel URL: <a href="{{ .PanelURL }}">Click to view panel</a>
Silence URL: <a href="{{ .SilenceURL }}">Click to silence alert</a>
{{ end }}
{{ end }}