创建告警
<p class="shortdesc">本文主要介绍如何创建告警。</p>
<section class="section prereq" id="Create_Alarm__prereq_h1y_kf1_xmb"><div class="tasklabel"><h2 class="doc-tairway">前提条件</h2></div>
<ol class="ol" id="Create_Alarm__ol_wlh_lf1_xmb">
<li class="li">您已成功采集到日志。</li>
<li class="li">您配置日志采集的设备上有增量日志。</li>
<li class="li">您拥有平安邮箱。</li>
</ol>
</section>
<section class="section context"><div class="tasklabel"><h2 class="doc-tairway">背景信息</h2></div>
<p class="p">日志服务可以对采集到的日志内容进行监控,您可根据需要的场景制定告警规则。</p>
<p class="p">通过解析并统计满足告警规则的日志条数,根据用户制定的告警检测频率和阈值触发告警,从海量的日志存量数据中实现异常信息的秒级响应。触发告警后,系统以邮件的形式通知相关人员,降低运维风险。</p>
</section>
<section class="section limitation" id="Create_Alarm__o1p_3f1_xmb"><div class="tasklabel"><h2 class="doc-tairway">使用限制</h2></div>
<p class="p">告警通知邮件仅支持发送到平安邮箱。</p>
</section>
<section><div class="tasklabel"><h2 class="doc-tairway">操作步骤</h2></div><ol class="ol steps"><li class="li step stepexpand">
<span class="ph cmd"> 登录<a class="xref" href="/console/logcloud/indexed/list" target="_blank">日志服务管理控制台</a>。</span>
</li><li class="li step stepexpand">
<span class="ph cmd">单击左侧导航栏<span class="ph uicontrol">告警管理</span>,进入<span class="keyword wintitle">告警列表</span>页面。</span>
</li><li class="li step stepexpand">
<span class="ph cmd">选择目标地域,单击页面右上角<span class="ph uicontrol">创建告警</span>,进入<span class="keyword wintitle">创建告警</span>页面。</span>
</li><li class="li step stepexpand">
<span class="ph cmd">根据以下信息,创建告警:</span>
<div class="itemgroup info">
<table class="table" id="Create_Alarm__table_p1s_4f1_xmb"><caption></caption><colgroup><col><col></colgroup><thead class="thead">
<tr class="row">
<th class="entry" id="Create_Alarm__table_p1s_4f1_xmb__entry__1">参数</th>
<th class="entry" id="Create_Alarm__table_p1s_4f1_xmb__entry__2">说明</th>
</tr>
</thead><tbody class="tbody">
<tr class="row">
<td class="entry" headers="Create_Alarm__table_p1s_4f1_xmb__entry__1 "><p class="p">告警名称</p></td>
<td class="entry" headers="Create_Alarm__table_p1s_4f1_xmb__entry__2 "><p class="p">配置告警的名称。</p>
<ul class="ul" id="Create_Alarm__ul_q1s_4f1_xmb">
<li class="li">支持汉字、英文大小写字母、数字、特殊字符“_”“-”“@”。</li>
<li class="li">长度在1~45个字符之间。</li>
</ul></td>
</tr>
<tr class="row">
<td class="entry" headers="Create_Alarm__table_p1s_4f1_xmb__entry__1 "><p class="p">事件关键字</p></td>
<td class="entry" headers="Create_Alarm__table_p1s_4f1_xmb__entry__2 ">
<p class="p">搜索日志内容的关键字,可以使用AND和OR对多个告警关键字进行联合规则定义。</p>
<p class="p">例如:(条件1 AND 条件2) OR (条件3)</p>
</td>
</tr>
<tr class="row">
<td class="entry" headers="Create_Alarm__table_p1s_4f1_xmb__entry__1 "><p class="p">地域</p></td>
<td class="entry" headers="Create_Alarm__table_p1s_4f1_xmb__entry__2 "><p class="p">选择应用此告警的地域。</p></td>
</tr>
<tr class="row">
<td class="entry" headers="Create_Alarm__table_p1s_4f1_xmb__entry__1 "><p class="p">应用到项目</p></td>
<td class="entry" headers="Create_Alarm__table_p1s_4f1_xmb__entry__2 "><p class="p">选择应用此告警的项目。</p></td>
</tr>
<tr class="row">
<td class="entry" headers="Create_Alarm__table_p1s_4f1_xmb__entry__1 "><p class="p">应用到主机组</p></td>
<td class="entry" headers="Create_Alarm__table_p1s_4f1_xmb__entry__2 "><p class="p">选择应用此告警的主机组。</p>
<div class="note important note_important"><span class="note__title">重要:</span> 该告警仅对已选择的主机组采集到的日志数据生效。</div></td>
</tr>
<tr class="row">
<td class="entry" headers="Create_Alarm__table_p1s_4f1_xmb__entry__1 "><p class="p">触发条件</p></td>
<td class="entry" headers="Create_Alarm__table_p1s_4f1_xmb__entry__2 "><p class="p">在指定分钟内高于或低于告警规则的日志次数,即在指定的分钟内,高于或低于设置的次数时会产生告警。</p></td>
</tr>
<tr class="row">
<td class="entry" headers="Create_Alarm__table_p1s_4f1_xmb__entry__1 "><p class="p">反馈日志数量</p></td>
<td class="entry" headers="Create_Alarm__table_p1s_4f1_xmb__entry__2 "><p class="p">在告警通知邮件中,反馈的异常日志数量。取值范围是0~100。</p></td>
</tr>
<tr class="row">
<td class="entry" headers="Create_Alarm__table_p1s_4f1_xmb__entry__1 "><p class="p">告警通知限制</p></td>
<td class="entry" headers="Create_Alarm__table_p1s_4f1_xmb__entry__2 ">
<p class="p">在以下情况,会发送告警通知:</p>
<ul class="ul" id="Create_Alarm__ul_s1s_4f1_xmb">
<li class="li">告警未解决前不重复发送告警通知。</li>
<li class="li">在指定的分钟内,只发送一次告警。默认情况下,是1分钟。</li>
<li class="li">固定时间段内不发送告警通知。默认情况下,可选择:每天、周六至周日、法定休息日或自定义。</li>
</ul></td>
</tr>
<tr class="row">
<td class="entry" headers="Create_Alarm__table_p1s_4f1_xmb__entry__1 "><p class="p">邮箱地址</p></td>
<td class="entry" headers="Create_Alarm__table_p1s_4f1_xmb__entry__2 "><p class="p">接收告警邮件的邮箱地址。目前仅支持平安邮箱,例如:example@pingan.com.cn。</p></td>
</tr>
</tbody></table>
</div>
</li><li class="li step stepexpand">
<span class="ph cmd">单击页面右侧<span class="ph uicontrol">确定</span>。</span>
</li></ol></section>
<section class="section result" id="Create_Alarm__result_ktp_qf1_xmb"><div class="tasklabel"><h2 class="doc-tairway">执行结果</h2></div>
<p class="p">在<span class="ph uicontrol">告警列表</span>页签,可以看到刚刚创建的告警规则。 </p>
<img class="image" id="Create_Alarm__image_exw_sf1_xmb" src="https://pcp-portal-sca.obs-cn-shenzhen.pinganyun.com/pcp-portal-sca/20210106133703-197ba2839cf8.png" width="830">
</section>
提交成功!非常感谢您的反馈,我们会继续努力做到更好!