Pre-Defined Search Filter Alert
The Pre-Defined Search Filter Alert allows for alert notification when a text search match occurs within the received log message. This alert leverages the Log Appliance search filters for the text search match definitions.
Example
“searchFilterName/MySearchFilter//FewerThan/100//TimeSpan/60”
The following table lists the Pre-Defined Search Filter Alert-specific parameters. You must include the parameters as inputs for the alertRules parameter.
| Parameter | Description | Values | Required | Type |
|---|---|---|---|---|
| searchFilterName | Name of the search filter. | Any text up to 64 characters in length. | yes | string |
| FewerThan | Minimum number of messages that must be received within a time period (TimeSpan parameter) before an alert is generated. If the number of messages drops below FewerThan, an alert is generated.
The FewerThan and MoreThan parameters make up the alert range. You do not have to specify both FewerThan and MoreThan. |
Any positive integer between 1 and 100. | yes | string |
| MoreThan | Maximum number of messages that can be received within a time period (TimeSpan parameter) before an alert is generated. If the number of messages exceeds MoreThan, an alert is generated.
The FewerThan and MoreThan parameters make up the alert range. You do not have to specify both FewerThan and MoreThan. |
Any positive integer between 1 and 100. | yes | string |
| TimeSpan | Period of time that must be exceeded by the FewerThan and MoreThan thresholds before an alert is triggered.
If the FewerThan and MoreThan thresholds are met for the specified TimeSpan, an alert is generated. |
Any positive integer. The value is in seconds. For example, the value 120 represents two minutes.
The default is 60. |
yes | int |