Missing to send all error logs from grafana loki

asamruddhi99 · June 24, 2024, 7:33am

We are grouping different logs based on app name, log, log level and metric key. And send unique error log to alert manager.
We have observed loki missed to send some error messages to alertmanager.
Lets consider: For a given time interval if we see 5 error message grouped on loki for different apps and different metric key, unexpectedly it sends 2 errors events further. (Expected to send all 5 )

Before sending alerts it fires below expression:
rules:

 -alert: ErrorInLogs
  expr: | 
      sum by (log,app,level,metric) (count_over_time({level="ERROR"} | regexp " (?P<log>.+)" [1m])) > 0

  for: 0s

Let us know how can we resolve missing alert issue?

tonyswumac · June 24, 2024, 9:38pm

Most likely alertmanager grouping your alerts rather than Loki not sending alerts. Check your alertmanager setup, disable all grouping if needed for testing purpose.

Topic		Replies	Views
Alert for every error in logs Grafana Loki alerting , loki	1	1805	April 13, 2022
Alert disapears after 5 minutes Grafana Loki alerting	14	2578	May 24, 2023
How to send alert for every error in my logs using Promtail / Loki - AlertManager? Configuration loki	1	1115	February 10, 2021
Loki groups rules get content log Grafana Loki alerting , loki , alert-notifications	1	369	November 4, 2023
Loki logs detailed description Grafana Loki	2	392	February 5, 2022

Missing to send all error logs from grafana loki

Related topics