Overview

A Flow Alert is designed to notify you when any combination of alert events occurs in a specific sequence within a defined timeframe.

For example, to be notified of an increase in HTTP error rate caused by high CPU utilization, a Flow Alert should be configured to trigger when a high CPU utilization alert is followed by a high HTTP error rate alert within a defined timeframe.

Concepts

Coralogix provides the Flow Builder tool to visually combine, and then chain together, the user-defined alerts that will trigger a Flow Alert. The basic building blocks of the Flow Alert are stages and groups.

A group represents a logical combination of individual user-defined alerts. The group supports OR, AND, and NOT logical operators to combine multiple individual alerts.

A Stage represents alert groups that need to trigger within a specified timeframe. Multiple groups can be present in a stage.

Limitations

As you define a flow alert, consider the following constraints:

- The Flow Alert must have a minimum of 2 stages.
- The first stage of a flow alert can only contain 1 group.
- The first stage of a flow will always have a timeframe of 00:00:00.
- The duration of the timeframe in all stages cannot exceed 36 hours.
- You can combine a maximum of 30 alerts into a single Flow alert.
- The following alert types do not support the NOT logical operator:

Enter the Alert Name, Description, and Severity.

Define the Alert Flow by clicking Open Flow Builder.

Drag and drop existing alerts from the left-hand panel into the Flow Builder workspace area. To view a tool-tip with the details for each alert, hover over the alert. These details include the Query, Conditions, and Group By fields.

Organize the alerts into groups and stages as explained above. Remember to set a timeframe for each stage.

Note that the available keys will be the intersection group between the different alerts. For example, if Alert A is grouped by Region and by Cluster, and Alert B is grouped by Region and by Pod, the Alert Flow will only be able to be grouped by Region, and not by Cluster or Pod, as that is the only Group by option available to both alerts in the flow. You can see which Group by options are available for each alert in the Alert Builder by hovering over the alert and viewing the Alert Description.

Define the Email/Webhook Recipients, Alert Schedule, and Notification Content for the Flow Alert.
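The limitations and the Group by intersection rule described on this page can be checked on a drafted flow before it is built in the Flow Builder. The following is an added example, not Coralogix code or a Coralogix API: the dictionary layout, the alert names and the function names are hypothetical. It assumes the 36-hour limit applies to the sum of all stage timeframes and the 30-alert limit to distinct alerts, and it does not check the NOT operator restriction because the page does not list the affected alert types.

```python
from datetime import timedelta

MAX_ALERTS = 30                            # page: maximum of 30 alerts per flow
MAX_TOTAL_TIMEFRAME = timedelta(hours=36)  # page: 36 hours; assumed to be the sum over stages

# Constructed sample alerts, using the page's Alert A / Alert B group-by example.
ALERTS = {
    "high_cpu": {"group_by": ["Region", "Cluster"]},
    "high_http_error_rate": {"group_by": ["Region", "Pod"]},
}
# Constructed flow: high CPU followed by a high HTTP error rate within 10 minutes.
FLOW = [
    {"timeframe": timedelta(0), "groups": [{"op": "AND", "alerts": ["high_cpu"]}]},
    {"timeframe": timedelta(minutes=10),
     "groups": [{"op": "AND", "alerts": ["high_http_error_rate"]}]},
]

def flow_alert_names(stages):
    """Distinct alert names referenced anywhere in the flow, in first-seen order."""
    seen = []
    for stage in stages:
        for group in stage["groups"]:
            for name in group["alerts"]:
                if name not in seen:
                    seen.append(name)
    return seen

def common_group_by(stages, alerts):
    """Keys the flow can be grouped by: the intersection across all of its alerts."""
    key_sets = [set(alerts[n]["group_by"]) for n in flow_alert_names(stages)]
    return set.intersection(*key_sets) if key_sets else set()

def validate_flow(stages):
    """Return the page's limitations that this flow definition violates."""
    problems = []
    if len(stages) < 2:
        problems.append("minimum of 2 stages")
    if stages and len(stages[0]["groups"]) != 1:
        problems.append("first stage can only contain 1 group")
    if stages and stages[0]["timeframe"] != timedelta(0):
        problems.append("first stage timeframe must be 00:00:00")
    if sum((s["timeframe"] for s in stages), timedelta(0)) > MAX_TOTAL_TIMEFRAME:
        problems.append("stage timeframes exceed 36 hours")
    if len(flow_alert_names(stages)) > MAX_ALERTS:
        problems.append("maximum of 30 alerts")
    return problems

if __name__ == "__main__":
    print(validate_flow(FLOW), sorted(common_group_by(FLOW, ALERTS)))
```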