Solved: I have created an alert and setup email for it but...

shreyasathavale · ‎05-19-2015

I have created the following alert (using UI or Alert Manager) and have set alert mail on condition warning > 0 which is working fine.

earliest=-2h environment=Test Severity=Error|stats count as warning by Message,_time |sort _time desc

Now i want the mail format to be in tabular form so i modified the search to below with same alert condition:

earliest=-2h environment=Test Severity=Error|stats count as warning by Message,_time |sort _time desc|table Message,_time

But the 2nd search is not generating an alert mail.
Any idea on this will be helpful

stephanefotso · ‎05-19-2015

If your condition is warning > 0 , warning must be one of your table outputs. Try this and let me know

earliest=-2h environment=Test Severity=Error|stats count as warning by Message,_time |sort _time desc|table Message,_time, warning

SGF

stephanefotso · ‎05-19-2015

If your condition is warning > 0 , warning must be one of your table outputs. Try this and let me know

earliest=-2h environment=Test Severity=Error|stats count as warning by Message,_time |sort _time desc|table Message,_time, warning

SGF

shreyasathavale · ‎05-19-2015

Thanks..will try it..

stephanefotso · ‎05-20-2015

ok. Iet me know if any issue.

SGF

shreyasathavale · ‎05-24-2015

Had tried that too previously but was not working. Created the same alert using savedsearch and it worked 🙂

shreyasathavale · ‎05-19-2015

search is returning values but still not sending an email.. 😞 rather have got a blank mail without results in mail

stephanefotso · ‎05-22-2015

ok now, at the alert action screen, include an inline Table .

SGF

I have created an alert and setup email for it but its not working