I tried Graylog Community forum but no response from there, so I am asking Stackoverflow for help.
I need to setup a Graylog alert based on field value greater than certain threshold. for example, my message:
“sample alert, age: 100”
I want to get an alert when age > 60. (you can assume age extractor is setup and age is converted to numeric value)
There’s this aggregate condition in alert but it does aggregation across multiple messages. What I need is much simpler than that,
Is this possible? How could I do that?
Notes:
My Graylog version v2.4.6
Thanks in advance
There is no alert condition you can use to check if any message contains a field > n. The workaround for this would be to setup a stream that contains all messages where a field is > n and then use the message count condition on that stream to alert on any incoming message.
Related
I'd like to measure how many events arrive within allowed lateness grouped by particular feature of the event. We assume particular type of events have way more late arrivals and would like to verify this.
The place to make the measurement I thought of is our custom trigger within onElement method as this is the place where we know whether event is late of not. Yet in case of SlidingEventTimeWindows that means that a single element can be counted multiple timess if it's late by more than a slide.
Any suggestions?
You might do this separately from the windowing. You could set the allowed lateness to zero, and divert all late events to a side output. You can then key that stream of late events by the feature(s) of interest, and use a RichFlatMapFunction or KeyedProcessFunction to count the events, which can then be reported as a custom metric, or sent to a sink.
I know there's health check to check specific URLs, but I was wondering if there was a simpler way to setup a signal and have seq generate an error if that signal has no entries in the last 24 hours, so that seq not only can notify us of errors via Digest Email app for instance, but also notify us if something like a job failed to run altogether, which would obviously generate no error.
Seq's dashboard alerts can do this. They're based on charts which are configured with a few different parameters.
On the chart's Signal tab, choose the signal.
On the chart's Query tab:
select count(*) as count
from stream
And from the Alerts tab, an an alert with condition:
count = 0
over the time range you want to check.
I'm trying to do a little bit of analysis on the topics of emails I receive. I have the emails in a Google-sheet in the format below. I'm trying to count how often 'privacy' or 'confidentiality' are mentioned. My challenge is that pretty much every email signature mentions one of those words, so when i use SEARCH every cell returns TRUE.
Most email signatures start with similar phrases, so I tried deleting anything after those phrases with this formula:
=ArrayFormula(TRIM(LEFT(B1:B,MIN(IFERROR(FIND({" This email and any","IMPORTANT NOTICE", " Important notice","The information in this email"," The contents of this message"," Information in this email including"," This electronic mail message"," this message and any attachments"," This message is intended for the addressee only"," This email is CONFIDENTIAL"},B1:B),LEN(L2))))))
Column B is the column with the email body text in.
However that seems to be deleting text that follows words that aren't in my search (deleting everything after 'not' instead of 'IMPORTANT NOTICE' for instance).
Could anyone advise on either:
what's wrong with my above search
an alternate way of searching for 'privacy' and 'confidentiality' without including text from email signatures.
Example table:
|email title|email body|
|-----------|----------|
|Do you want to buy my stuff| Hi there, I'd like to know if you'd like to buy this thing I want to sell you. IMPORTANT: this email is private|
|two-for-the-price-of-one| I've a great offer for you! This email and attachments are private & confidential|
|Last chance to buy stuff!| Can we have a private call about whether you want to buy my stuff yet?|
In the example above I want to count row 3, but not rows 1 & 2, as the 'private' and 'confidential' mentions in 1 & 2 are in the signature.
Thanks!
I think I understand the error that you've described is occuring with your formula. Once the formula finds one of the values you are using to try to identify an email signature, such as " Important notice", and returns the location of that text, let's say position 96, it then uses 96 for all of the cells, like this: LEFT(B1:B,96). So you might not be able to do the compound arrayformula of an arrayformula that you are trying.
Using the formula like this, in B2, and dragging it down, should work though:
=ArrayFormula(TRIM(LEFT(B2,MIN(IFERROR(
FIND({" This email and any","IMPORTANT NOTICE", " Important notice","The information in this email"," The contents of this message"," Information in this email including"," This electronic mail message"," this message and any attachments"," This message is intended for the addressee only"," This email is CONFIDENTIAL"},B2),
LEN(L2))))))
Note: I'm not sure what value is in your L2.
But for the overall approach, it really depends on how well your terms to identify email signatures work, so as to exclude them from your final full text searches.
I have a scenario where I want to find out the total number of emails within a specific date range. I am currently using the List Messages API (GET /users/{id | userPrincipalName}/messages) and tried specifying the $count=true parameter but it is not returning the correct value. I researched on this and found out that the #odata.count value for messages is not reliable and has a bug where it fails to report the correct count (Very Strange).
Another option is to explore the List Mail Folders API (GET /users/{id | userPrincipalName}/mailFolders) which has a totalItemCount value that I can use but unfortunately there is no way to specify a date range in this API.
Finally, the most crude option is to use the List Messages API and manually count the number of items returned but obviously it will not be efficient.
Can someone please let me know how this can be achieved in a better way?
Edit:
The $count=true gives correct value when I get emails inside a specific folder (/users/{id | userPrincipalName}/mailFolders/{id}/messages) and not all emails for a user (/users/{id | userPrincipalName}/messages). Is there something I am missing?
Is there any way to add a line item containing a negative amount to an existing invoice?
I'm using QBSDK7 and QB Enterprise. (and if it matters .Net 3.5)
What we're attempting to do is automate the way we're creating invoices. We're already pulling in employee's time and applying it to the correct invoices, but when we go to add credits (just a negative amount on a line item on the invoice) using
InvoiceLineMod.Amount.SetValue(-1234)
it fails with the error "Transaction must be positive"
I've also tried adding a Service Item with a negative amount and giving it a positive quantity and I get the same result.
This seems like such a no-brainer as we have been doing this manually for the last 10 years. I'm guessing there is artificial restriction on this.
Some things to consider:
Credit Memos are no good as we need to display exact details of the reduction on the same page.
We don't have payments to apply yet in most cases.
This need to be done before any retainers are applied.
Any help would be greatly appreciated.
Can you show the complete code you're using to modify the invoice? Can you also show the exact error message you're getting?
It is possible, though to do you need to make sure that you're using a Discount Item as your ItemRef type (a Service Item will not work), and you need to make sure that the transaction as a whole is for a positive amount.
Sometimes our app has to adjust an invoice down with a negative number. I have been able to add negative line items using the following code. I have to set a quantity and a rate, instead of setting the amount.
IInvoiceLineAdd ila = ia.ORInvoiceLineAddList.Append().InvoiceLineAdd;
ila.ItemRef.ListID.SetValue(GetQBID(JobKey));
ila.Desc.SetValue("Adjustment");
ila.Quantity.SetValue(1);
ila.ORRatePriceLevel.Rate.SetValue(-1.00);
Quickbooks doesn't allow you to post an invoice with a negative balance. If you try to do it through the UI, it prompts you to create a credit memo instead. (And vice-versa if you try it with a credit memo.)
You can enter negative quantities and/or prices into the line items, but the total of the invoice has to be >= 0 or it won't post (i.e., add other line items that offset the negative amounts).
The solution is to use credit memos. Your client-side processing will be more complicated, but it's the only choice with Quickbooks.