This repository has been archived by the owner on Feb 3, 2023. It is now read-only.

Merge pull request #304 from guilhemmarchand/testing
Version 1.2.41
guilhemmarchand committed Apr 9, 2021
2 parents b030180 + 64da405 commit 1ba0729
Showing 1,679 changed files with 434,094 additions and 125 deletions.
7 changes: 5 additions & 2 deletions docs/configuration.rst
Expand Up @@ -434,20 +434,22 @@ Using out of the box alerts
- Out of the box alerts are disabled by default, you need to enable alerts to start using them
- Alerts will trigger by default on ``high priority`` entities only, this is controlled via the macro definition ``trackme_alerts_priority``
- Edit the alert to perform your third party integration, for example ``sending emails`` or creating ``JIRA issues`` based on Splunk alert actions capabilities
- Out of the box alert enable by default two TrackMe alert actions, ``automatic acknowledgement`` and the ``Smart Status`` alert actions
- The results of the ``Smart Status`` alert action are automatically indexed in the TrackMe summary index within the sourcetype ``trackme_smart_status`` and can be used for investigation purposes

Creating custom alerts in assisted mode
---------------------------------------

**You can use this interface to a create one or more custom alerts:**

.. image:: img/cutom_alerts/img001.png
.. image:: img/custom_alerts/img001.png
:alt: img001.png
:align: center
:width: 1200px

**This opens the assistant where you can choose between different builtin options depending on the type of entities to be monitoring:**

.. image:: img/cutom_alerts/img002.png
.. image:: img/custom_alerts/img002.png
:alt: img002.png
:align: center
:width: 800px
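Review bot: The added bullet "Out of the box alert enable by default two TrackMe alert actions" has a subject/verb mismatch; "Out of the box alerts enable two TrackMe alert actions by default" reads correctly. The following added bullet says the ``Smart Status`` results are indexed "in the TrackMe summary index" without naming it; the release notes in this commit give the default as trackme_summary, and stating it here tells readers where to search and which index access they need. The unchanged line "You can use this interface to a create one or more custom alerts" also carries a stray "a" that could be fixed while this section is being touched.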
Expand All @@ -459,6 +461,7 @@ Once you have created a new alert, it will be immediately visible in the trackin
- Creating custom alerts provide several layers of flexibility depending on your choices and preferences
- You may for example have alerts handling lowest level of prority with a specific type of alert action, and have a specific alert for highly critical entities
- Advanced setup can easily be performed such as getting benefits from the tags features and multiple alerts using tag policies to associate data sources and different types of alerts, recipients, actions...
- You may decide if you wish to enable or disable the TrackMe ``auto acknowledgement`` and ``Smart Status`` alert actions while creating alerts through the assistant

Final: Read the docs and start using TrackMe
============================================
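Review bot: The added bullet calls the action ``auto acknowledgement``, while the bullet added under "Using out of the box alerts" in this same file calls it ``automatic acknowledgement``; use one name in both places so readers can match it to the alert action they see. It would also help to state what the assistant selects by default, since the out of the box alerts enable both actions. The context line above still has the typo "prority".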
1 change: 1 addition & 0 deletions docs/deployment.rst
Expand Up @@ -22,6 +22,7 @@ Dependencies
- Semicircle Donut Chart Viz, Splunk Base: https://splunkbase.splunk.com/app/4378
- Splunk Machine Learning Toolkit, Splunk Base: https://splunkbase.splunk.com/app/2890
- Splunk Timeline - Custom Visualization, Splunk Base: https://splunkbase.splunk.com/app/3120
- Splunk SA CIM - Splunk Common Information Model, Splunk Base: https://splunkbase.splunk.com/app/1621 (require for alert actions and result ingestion purposes)

Indexes
=======
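Review bot: In the added dependency line, "(require for alert actions and result ingestion purposes)" should read "required for alert actions and result ingestion purposes". The release notes in this commit list Splunk SA CIM among the dependencies TrackMe 1.2.x requires, with no qualification, so this line should say explicitly whether the app is mandatory for every deployment or only needed when the alert actions are used.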
Binary file added docs/img/alert_actions/auto_ack1.png
Binary file added docs/img/alert_actions/auto_ack2.png
Binary file added docs/img/alert_actions/auto_ack3.png
Binary file added docs/img/alert_actions/auto_ack4.png
Binary file added docs/img/alert_actions/free_style1.png
Binary file added docs/img/alert_actions/free_style2.png
Binary file added docs/img/alert_actions/free_style3.png
Binary file added docs/img/alert_actions/smart_status1.png
Binary file added docs/img/alert_actions/smart_status2.png
File renamed without changes
Binary file added docs/img/custom_alerts/img002.png
Binary file removed docs/img/cutom_alerts/img002.png
Binary file not shown.
Binary file added docs/img/ootb_alerts2.png
Binary file added docs/img/ootb_alerts3.png
2 changes: 1 addition & 1 deletion docs/monitor_forwarders.rst
Expand Up @@ -128,4 +128,4 @@ Metric hosts tracking
:align: center
:width: 1200px

Congratulations, you have now a builtin, easy and efficient monitoring of your Splunk instances availability, enable and configure up to your preferences the :ref:`Out of the box alerts` and the job is done!
Congratulations, you have now a builtin, easy and efficient monitoring of your Splunk instances availability, enable and configure alerts up to your preferences the :ref:`Alerts tracking` and the job is done!
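Review bot: The reworded sentence leaves the cross-reference dangling: "enable and configure alerts up to your preferences the :ref:`Alerts tracking` and the job is done!" has no word connecting "preferences" to the reference. Something like "enable and configure alerts according to your preferences (see :ref:`Alerts tracking`) and the job is done!" would parse. None of the hunks shown in this commit define a section or label named "Alerts tracking", so please confirm the target exists, otherwise the reference will not resolve when the docs are built.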
23 changes: 23 additions & 0 deletions docs/releasenotes.rst
@@ -1,6 +1,29 @@
Release notes
#############

Version 1.2.41
==============

**CAUTION:**

This is a new main release branch, TrackMe 1.2.x requires the deployment of the following dependencies:

- Semicircle Donut Chart Viz, Splunk Base: https://splunkbase.splunk.com/app/4378
- Splunk Machine Learning Toolkit, Splunk Base: https://splunkbase.splunk.com/app/2890
- Splunk Timeline - Custom Visualization, Splunk Base: https://splunkbase.splunk.com/app/3120
- Splunk SA CIM - Splunk Common Information Model, Splunk Base: https://splunkbase.splunk.com/app/1621

TrackMe requires a summary index (defaults to trackme_summary) and a metric index (defaults to trackme_metrics):
https://trackme.readthedocs.io/en/latest/configuration.html

- Feature - Issue #300 - TrackMe now comes builtin with alert actions enabled by default on out of the box alerts, these actions perform auto acknowledgement, call and index the Smart Status result, the third action is a free style action that call any of the TrackMe REST API endpoints
- Change: Normalize the suppress fields for all alerts to use the object/object_category TrackMe naming convention
- Fix - Issue #293 - Splunk telemetry causes DateParserVerbose Warnings logged
- Fix - Issue #299 - Data Sampling - In some circumstances, the custom rule editor might fail to render events
- Fix - Issue #301 - Smart Status - the REST handler should call the eval state status macro in case it is called before the KVstore is updated
- Fix - Issue #302 - REST endpoints - Ack - wrong audit event logged
- Fix - Issue #303 - REST endpoints - Backup and Restore - the purge operation purges the archive but not the KVstore record

Version 1.2.40
==============

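Review bot: The Issue #300 entry says alert actions are "enabled by default on out of the box alerts" and then lists three actions, which reads as though the free style action that can "call any of the TrackMe REST API endpoints" is also on by default, whereas docs/configuration.rst in this commit says two actions are enabled by default (automatic acknowledgement and Smart Status). Suggest splitting the sentence so it states which actions are enabled by default and how the free style action is turned on, and pointing to where the permissions needed to use that action are documented, since it can reach every endpoint. Minor: "that call" should be "that calls", and the "Change:" entry uses a colon where the other entries use " - ".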
