Clovertech

Duplicate Alerts

Clovertech Forums Cloverleaf Duplicate Alerts

  • Creator
    Topic
  • April 9, 2025 at 4:45 pm #121992
    Matthew Greene
    Participant

      I have alerts that are duplicating each time they fire.  Anyone have this happen before?  I noticed this ‘WITH’ parameter but so far have been unable to find any documentation on what it does.

      {ALERT
      { NAME to_fusion_Queue_Depth_Over_5000_15min }
      { VALUE opque }
      { SOURCE to_fusion }
      { WITH -2 }
      { COMP {> 5000} }
      { FOR {nmin 15} }
      { REPEATING {
      { MAX -1 }
      { TIME {nmin 5} }
      } }
      { WINDOW */*/*/* }
      { CUSTOMMSG {{ITEM {AlertType CurrentTime HostName Source SiteName}} {DELIMITER keyvalue}} }
      { ACTION {
      { tcl {AlertSendtoTeams “$$TeamsChannel” “$$TeamsURL” “$$SiteName”

        } }
        { notify {} }
        } }
        }

        From the alerts log:

        [04/08/2025 16:15:29] :  Alert Fired Action
         : Alert: to_fusion | to_fusion_Queue_Depth_Over_5000_15min
         : Message: Thread outbound queue depth (8341) of to_fusion has been more than 5000 for 15 minutes, currently {to_fusion 8341}
         : Notification #: 0
         : Action: notify
        [04/08/2025 16:15:29] :  Alert Fired Action
         : Alert: to_fusion | to_fusion_Queue_Depth_Over_5000_15min
         : Message: Thread outbound queue depth (8341) of to_fusion has been more than 5000 for 15 minutes, currently {to_fusion 8341}
         : Notification #: 0
         : Action: notify
      1. Creator
        Topic
      Viewing 2 reply threads
      • Author
        Replies
        • April 10, 2025 at 10:27 am #121993
          Jay Hammond
          Participant

            I just did a test and it looks like the WITH is set to -2 for ANY or -1 for ALL and a positive number with the value entered for AT LEAST in the Source Count. I want to say I remember in the past that having Source Count set to ANY may not fire the alert.  Could you try setting it to something different like ALL?

          • April 10, 2025 at 11:06 am #121994
            Matthew Greene
            Participant

              Thanks for checking.  My issue isn’t that the alert is not firing, it’s that it’s firing twice at the same time (I have a couple of alerts doing this).  This seemed to start after an OS reboot a couple weeks ago.

            • April 10, 2025 at 3:39 pm #121995
              Matthew Greene
              Participant

                This issue has been resolved.  Turns out there was an old monitord process still running in parellel with a new one causing the duplicated alerts.  I killed that process and it fixed the issue.  Note the process was never killed just by restarting the monitord daemon.

            • Author
              Replies
            Viewing 2 reply threads
            • You must be logged in to reply to this topic.