- Find Answers
- :
- Splunk Platform
- :
- Splunk AppDynamics
- :
- Alerts based on specific error code for a Business...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Alerts based on specific error code for a Business Transaction
Hi Experts,
I need suggestions on how we can send email alerts for specific error codes for a Business Transaction.
BT and Error detection is working as expected, the question is only on alerting part.
Consider, BT1 have errors reported as 400,500,300,XXX.
The requirement is to get an email alert when 500 errors are more than 1 for BT1.
Any pointers will be helpful.
Regards,
Sahil
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Sahil,
If you have Analytics, then you could define an Analytics metric with a query similar to this:
SELECT count(*) FROM transactions WHERE transactionName = "BT1" and userExperience = "ERROR" and segments.errorList.errorCode = "500"
And then define your Health Rule based on this metric.
Mark
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @Mark.Byrne
Thanks for your suggestion, I missed mentioning that we do NOT have an analytics license.
Regards,
Sahil Gupta
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Sahil,
I wondered if that was the case.
The only other thing I can think of, which might not be appropriate in your case, is to use the Error Detection configuration to ignore all HTTP errors apart from the 500.
This of course would mean you would lose visibility of the other errors codes, so probably isn't a good option.
Mark
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Mark,
As you pointed right, we can ignore all HTTP errors apart from the 500 but it is not a good solution. At least if we have an option to ignore errors for specific business transaction(Instead of whole Application), that would have helped.
Thanks Mark for your suggestions. Lets keep this discussion open to see if anyone else can contribute.
Regards,
Sahil Gupta
Say goodbye to manually analyzing phishing and malware threats with Splunk Attack ...
AppDynamics is now part of Splunk Ideas
Advanced Splunk Data Management Strategies
