Hi,
Been using influxdb for quite a while now, and have recently started using
kapacitor to analysis data and generate alerts. All my simple alerts work
perfectly, but I'm trying to do something slightly more complicated. I'm
attempted to compare the average data from the last 60 seconds with the
average data from the last 14 days, and then generate an alert if the last
60 seconds is significately greater than the last 14 days. Having looked at
previous discussions on this subject I create the following tick script:
var last_minute = batch
|query('select mean(latency_avg) FROM "vdc"."default".latency')
.groupBy('source','destination')
.period(1m)
.every(1m)
|log()
.prefix('LATENCY_AVG:SHORT')
var last_2weeks = batch
|query('select mean(latency_avg) FROM "vdc"."default".latency')
.groupBy('source','destination')
.period(2w)
.every(1m)
|log()
.prefix('LATENCY_AVG:LONG')
last_2weeks
|join(last_minute)
.as('last_2weeks','last_minute')
.tolerance(60s)
|log()
.prefix('LATENCY_AVG:JOINED')
|eval(lambda: "last_minute.mean" / "last_2weeks.mean")
.as('ratio')
|log()
.prefix('LATENCY_AVG:END')
|alert().crit(lambda: "ratio" > 1.0)
.log('/tmp/latency.log')
The vars are initially generated correctly:
[latency_avg:log2] 2016/10/25 11:16:20 I! LATENCY_AVG:SHORT
{"name":"latency","tmax":"2016-10-25T11:16:20.18402423Z","group":"destination=zrh-jos-eu-col-1,source=sto-002-eu-col-1","tags":{"destination":"zrh-jos-eu-col-1","source":"sto-002-eu-col-1"},"points":[{"time":"2016-10-25T11:15:20.18402423Z","fields":{"mean":37.7},"tags":{"destination":"zrh-jos-eu-col-1","source":"sto-002-eu-col-1"}}]}
[latency_avg:log4] 2016/10/25 11:16:25 I! LATENCY_AVG:LONG
{"name":"latency","tmax":"2016-10-25T11:16:20.184029496Z","group":"destination=zrh-jos-eu-col-1,source=sto-002-eu-col-1","tags":{"destination":"zrh-jos-eu-col-1","source":"sto-002-eu-col-1"},"points":[{"time":"2016-10-11T11:16:20.184029496Z","fields":{"mean":37.731245818821975},"tags":{"destination":"zrh-jos-eu-col-1","source":"sto-002-eu-col-1"}}]}
But once the join happens, there is are no fields in the data:
[latency_avg:log7] 2016/10/25 11:16:25 I! LATENCY_AVG:JOINED
{"name":"latency","tmax":"2016-10-25T11:16:00Z","group":"destination=zrh-jos-eu-col-1,source=sto-002-eu-col-1","tags":{"destination":"zrh-jos-eu-col-1","source":"sto-002-eu-col-1"}}
[latency_avg:log9] 2016/10/25 11:16:25 I! LATENCY_AVG:END
{"name":"latency","tmax":"2016-10-25T11:16:00Z","group":"destination=zrh-jos-eu-col-1,source=sto-002-eu-col-1","tags":{"destination":"zrh-jos-eu-col-1","source":"sto-002-eu-col-1"}}
I'm pretty sure I'm doing something wrong here, so any pointers would be
great.
Thanks,
Peter
--
Remember to include the version number!
---
You received this message because you are subscribed to the Google Groups
"InfluxData" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at https://groups.google.com/group/influxdb.
To view this discussion on the web visit
https://groups.google.com/d/msgid/influxdb/e86b11f3-1dd9-4b38-b348-179b5371ca5e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
