I'm trying to optimize my alert messages with loki
437 views
Skip to first unread message
Alex Newman
Jul 8, 2020, 4:22:45 PM7/8/20
to lokiproject
I'm using grafana and loki in prometheus mode to send alerts to slack whenever I get a "ERROR" sent in the logs.
The query looks like
sum(count_over_time({namespace="prod"} |= "error" [5m])) by (app)
It's pretty decent. I know the basics like the app, but what I really want is some of the log contexts inserted into the alert.
what I want is something like
sum(count_over_time({namespace="prod"} |= "error" [5m])) by (app, original_log_line)
Cyril Tovena
Jul 8, 2020, 4:30:43 PM7/8/20
to Alex Newman, lokiproject
Hello Alex,
Not currently possible but in the future we're going to allow you to extract data from the log line into labels at query time.
This way you will be able to do somewhat close to what you shared.
Thanks,
Stay tuned.
--
You received this message because you are subscribed to the Google Groups "lokiproject" group.
To unsubscribe from this group and stop receiving emails from it, send an email to lokiproject...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/lokiproject/ba70b5e1-710f-48c3-a4bd-6eb6c00f9b37o%40googlegroups.com.
Alex Newman
Jul 8, 2020, 4:38:13 PM7/8/20
to Cyril Tovena, lokiproject
Okie doke. What about doing it from promtail? Perhaps I can have it
send to a slack webhook? I'd assume it's better than routing
everything through grafana anyway?
send to a slack webhook? I'd assume it's better than routing
everything through grafana anyway?
Cyril Tovena
Jul 8, 2020, 4:47:09 PM7/8/20
to Alex Newman, lokiproject
It won't have the original log line too.
Promtail only extract metrics.
Alex Newman
Nov 27, 2020, 10:50:12 AM11/27/20
to lokiproject
Is this possible in loki 2?
Reply all
Reply to author
Forward
0 new messages