All Apps and Add-ons

NOTIFY ME WHEN LOST CONNECTION WITH DATABASE

javierlf
Explorer

How do I configure splunk to notify me by email when cutting the connection to the database and can not continue indexing data? I use db connect.

best regards.

0 Karma

javierlf
Explorer

An alternative to this method that to be very configurable, you can put in 24 hours if not generated any event, send a Notice splunk, but if in 72 hours not generated any email sent event of danger.
Could there perhaps a better alternative?

0 Karma

lukejadamec
Super Champion

It actually works very efficient for me because I'm using dbx to monitor database logging. We use a tailing method and therefore the dbx is checking on a schedule and each time dbx checks the database it genenerates a log entry. If we loose the connection to the database then we get an alert, and when the database is connected we are guaranteed that there will be events.

0 Karma

javierlf
Explorer

Great, thank you very much lukejadamec !

With regard to this method that you mention it, I do not know if it's very efficient because you have to trust that every day, 24 Hs of the day, the DB will be generating at least one event .... In case you did not, then the alert would begin to annoy, taking away sense to notice.

0 Karma

javierlf
Explorer

great, thank you very much!

0 Karma

javierlf
Explorer

great, thank you very much!

0 Karma

lukejadamec
Super Champion

You can create a search like:
index=yourdbxindex source=yourdbxsource

Save the search.

Create an Alert for the search:

Time: -15m@m now

Schedule: Cron 0 */1 * * *

Condition: If number of events is less than 1

Send Email: Enable

Email Address: your email address

This will check once an hour for data from your dbx source. Change the cron schedule to adjust the frequency.

lukejadamec
Super Champion

For some reason the Cron schedule was truncated. It should read zero space star slash one space star space star space star

0 Karma
Get Updates on the Splunk Community!

Improve Data Pipelines Using Splunk Data Management

  Register Now   This Tech Talk will explore the pipeline management offerings Edge Processor and Ingest ...

3-2-1 Go! How Fast Can You Debug Microservices with Observability Cloud?

Register Join this Tech Talk to learn how unique features like Service Centric Views, Tag Spotlight, and ...

Thank You for Celebrating CX Day with Splunk!

Yesterday the entire team at Splunk + Cisco joined the global celebration of CX Day - celebrating our ...