0

On the documentation it say's there is a link for an example of creating a log-based alert using the Monitoring API but there's only an example how to create it using the UI.

I am having trouble building a new alertPolicy using the Java Monitoring API because there does not seem to be a Condition builder for Log-based alerts (using the Log query filter). I don't think I should be using the Absent, Threshold, or MonitoringQueryLanguage options. How can I build the correct condition?

enter image description here

Improve this question

2 Answers 2

Reset to default
2

  • The three condition types MetricAbsence, MetricThreshold and MonitoringQueryLanguageCondition are Conditions for metric-based alerting policies. Since we want to create a log based alert policy, according to the Condition for log-based alerting policies, the condition type must be "LogMatch".

  • AlertPolicy.Condition.Builder class has methods to set condition with metric-based alerting condition types but not with log-based condition type i.e., LogMatch. The class "AlertPolicy.Condition.Builder" doesn't seem to have a method to do so. Note that the log-based alert is pre-GA (Preview) feature per public doc. So various client libraries may not support this yet.

  • Although, when creating a new Alert Policy using projects.alertPolicies.create, we can add a condition of type "conditionMatchedLog".

  • So, it is recommended to use UI or above API, but not the client library until it supports the condition.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

That is as I had also seen, so thanks for confirming. I did code a version that let's me do log based alerts using the API by going in and working directly with the protobuf. I hope Google is able to add this feature in the future.
0

As Ashish pointed out, this is not currently available in the client library. Hopefully it will be added soon but for the time being for anyone who wants to add a log based alert condition (conditionMatchedLog) using the Java Client library, this is what the code looks like.

  public static UnknownFieldSet createConditionMatchedLog(String filter) {
    // filter = "\nseverity = \"NOTICE\""; example filter

    UnknownFieldSet.Field logMatchString =
            UnknownFieldSet.Field.newBuilder()
                    .addLengthDelimited(ByteString.copyFromUtf8(filter))
                    .build();

    UnknownFieldSet logMatchFilter =
            UnknownFieldSet.newBuilder()
                    .addField(1, logMatchString)
                    .build();

    UnknownFieldSet.Field logMatchFilterCombine =
            UnknownFieldSet.Field.newBuilder()
                    .addLengthDelimited(logMatchFilter.toByteString())
                    .build();

    UnknownFieldSet logMatchCondition =
            UnknownFieldSet.newBuilder()
                    .addField(20, logMatchFilterCombine)
                    .build();

    return logMatchCondition;
  }

When constructing the actual Alert, you also need to define the Alert Strategy.

public static UnknownFieldSet createAlertStrategyFieldSet(long periodTime) {
    //Making the alertStrategy field since you need those for log based alert policies
    UnknownFieldSet.Field period =
            UnknownFieldSet.Field.newBuilder()
                    .addVarint(periodTime) //must be an long
                    .build();

    UnknownFieldSet periodSet =
            UnknownFieldSet.newBuilder()
                    .addField(1, period)
                    .build();

    UnknownFieldSet.Field periodSetField =
            UnknownFieldSet.Field.newBuilder()
                    .addLengthDelimited(periodSet.toByteString())
                    .build();

    UnknownFieldSet periodSetFieldUp =
            UnknownFieldSet.newBuilder()
                    .addField(1, periodSetField)
                    .build();

    UnknownFieldSet.Field periodSetField2 =
            UnknownFieldSet.Field.newBuilder()
                    .addLengthDelimited(periodSetFieldUp.toByteString())
                    .build();

    UnknownFieldSet periodSetFieldUp2 =
            UnknownFieldSet.newBuilder()
                    .addField(1, periodSetField2)
                    .build();

    UnknownFieldSet.Field periodSetField3 =
            UnknownFieldSet.Field.newBuilder()
                    .addLengthDelimited(periodSetFieldUp2.toByteString())
                    .build();


    UnknownFieldSet AlertStrategy =
            UnknownFieldSet.newBuilder()
                    .addField(21, periodSetField3)
                    .build();
    return AlertStrategy;
  }

Putting it together

UnknownFieldSet conditionMatchedLog = createConditionMatchedLog(filter);

// Construct Condition object
AlertPolicy.Condition alertPolicyCondition =
        AlertPolicy.Condition.newBuilder()
                .setDisplayName(med.getConditions().get(index).getDisplayName())
                .setUnknownFields(conditionMatchedLog)
                .build();

//Making the alertStrategy field since you need those for log based alert policies
UnknownFieldSet alertStrategy = createAlertStrategyFieldSet(convertTimePeriodFromString(med.getAlertStrategy().getNotificationRateLimit().getPeriod()));

// Build the log based alert policy
AlertPolicy alertPolicy =
        AlertPolicy.newBuilder()
                .setDisplayName(med.getDisplayName())
                .addConditions(alertPolicyCondition)
                .setCombiner(AlertPolicy.ConditionCombinerType.OR)
                .setEnabled(BoolValue.newBuilder().setValue(true).build())
                .setUnknownFields(alertStrategy)
                .build();
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.