We have some JSON multiline logs which we need to pull into Site24x7 AppLogs and alert on. This log is stored in an AWS S3 bucket. Below I have posted 1 machine's entry into this 'heartbeat' log.
Log Details:
- Each machine has a unique ID,
- Newly provisioned machines will generate their own unique ID,
- Each machine will record their heartbeat (example below) in the same log every 5 seconds,
- There are hundreds of machines sending heartbeats,
Requirements:
- Alert when any unique ID is present < 10 times per 3 minutes of logs.
- Alert when any unique ID stops appearing completely.
- How can we operate on each ID - suppressing a machine alert individually without suppressing the entire log?
"machineData": { "name": "B", "callCenterName": "DEV-Station", "machineTimeUTC": "2019-01-01T09:27:11.620Z", "id": "662dc1ae-404b-4f0d-9599-ceca6e20f42c", "stack": "dev", "machineTime": "2019-01-01T11:27:11.620+02:00" }
I'm hoping you guys might have some ideas on how to do this!
Apparently also the JSON structure is not something AppLogs can parse????
Thanks!
Hi,
We are working on a solution for pulling logs from S3 buckets. Once the framework is in place we can get these parsing of JSON to be more easier. Will update here once the project is completed.
-Jasper
Product Manager, Site24x7