You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Add some context for alert metrics like machine name. This will allow to better see the attack vector on Grafana dashboards.
Current query is sum(cs_alerts{instance="$instance"}) on Crowdsec Details per instance dashboard and it display 0 alerts on agent nodes when local DB is disabled. When I change it to sum(cs_alerts{}) then all alerts from all instances is displayed. It would be better if we could see the source for alerts like sum(cs_alerts{}) by (alert_source) if such data were available.
Why is this needed?
Prometheus alert metrics become useless when the engine switched to the agent mode (with centralized LAPI) as they comes from the local DB even if local LAPI server is disabled.
The text was updated successfully, but these errors were encountered:
Check Releases to make sure your agent is on the latest version.
Details
I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository.
@seamus-45: There are no 'kind' label on this issue. You need a 'kind' label to start the triage process.
/kind feature
/kind enhancement
/kind refactoring
/kind bug
/kind packaging
Details
I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository.
What would you like to be added?
Add some context for alert metrics like machine name. This will allow to better see the attack vector on Grafana dashboards.
Current query is
sum(cs_alerts{instance="$instance"})
on Crowdsec Details per instance dashboard and it display 0 alerts on agent nodes when local DB is disabled. When I change it tosum(cs_alerts{})
then all alerts from all instances is displayed. It would be better if we could see the source for alerts likesum(cs_alerts{}) by (alert_source)
if such data were available.Why is this needed?
Prometheus alert metrics become useless when the engine switched to the agent mode (with centralized LAPI) as they comes from the local DB even if local LAPI server is disabled.
The text was updated successfully, but these errors were encountered: