-
Notifications
You must be signed in to change notification settings - Fork 34
/
opensearch-alert.tf
65 lines (63 loc) · 2.37 KB
/
opensearch-alert.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
module "opensearch_alert_ip_prefix" {
source = "github.com/ministryofjustice/cloud-platform-terraform-opensearch-alert?ref=1.0.2"
secret_name = "live-monitoring-3ca3cc4085f66db3"
secret_key = "url"
slack_channel_name = "high-priority-alarms"
slack_channel_name_description = "Cloud Platform high priority alarms channel"
opensearch_alert_name = "Unable to assign IP prefix monitor - InsufficientCidrBlocks alert"
opensearch_alert_enabled = true
monitor_period_interval = "1"
monitor_period_unit = "MINUTES"
index = ["live_ipamd-*"]
trigger_name = "Unable to assign IP prefix monitor - InsufficientCidrBlocks trigger"
serverity = 1
query_source = "ctx.results[0].hits.total.value > 0"
action_name = "Unable to assign IP prefix monitor - InsufficientCidrBlocks action"
slack_message_subject = ":alert: Unable to assign IP prefix monitor - InsufficientCidrBlocks :alert:"
slack_message_template = "Monitor {{ctx.monitor.name}} just entered alert status.\nThe subnet does not have enough free cidr blocks to assign IP prefix, please investigate the issue and check logs for more details.\n- Trigger: {{ctx.trigger.name}}\n- Severity: {{ctx.trigger.severity}}"
alert_throttle_enabled = true
throttle_value = 60
throttle_unit = "MINUTES"
environment_name = var.environment
alert_query = jsonencode(
{
"sort": [
{
"@timestamp": {
"order": "desc",
"unmapped_type": "boolean"
}
}
],
"size":0,
"query": {
"bool": {
"must": [],
"filter": [
{
"multi_match": {
"type": "phrase",
"query": "InsufficientCidrBlocks",
"lenient": true
}
},
{
"range": {
"@timestamp": {
"from": "{{period_end}}||-1m",
"to": "{{period_end}}",
"include_lower": true,
"include_upper": true,
"format": "epoch_millis",
"boost": 1
}
}
}
],
"should": [],
"must_not": []
}
}
}
)
}