release notes | Book: 2.10, 2.11, 2.12, 2.13, 2.14 | Wiki | Q&A black_bg
Web: Multi-page, Single page | PDF: A4-size, Letter-size | eBook: epub black_bg

Advanced Service Configuration: Custom Alarm Definitions

It should be fairly straightforward to add or modify custom definitions via either the interpreter from the dcache shell, or the admin definition commands.

An alarm definition consists of the following:

PropertyPossible valuesRequired
typeName of this alarm type (settable only once).YES
keyWordsWhitespace-delimited concatenation of key field names (see below).YES
regexA pattern to match the message with.

Note

It is advisable to place the regex pattern in double quotes, e.g., "[=].[\w]*"
YES
regex-flagsA string representation of the (Java) regex flags options, joined by the 'or' pipe symbol: e.g., CASE_INSENSITIVE | DOTALL. For fuller explanation, see the Java Tutorial on Regular Expressions.NO
match-exceptionTrue = recur over embedded exception messages when applying the regex match (default is False).NO
depthInteger ≥ 0, = depth of exception trace to examine when applying match-exception; undefined means unbounded (default).NO

For example:

      <alarmType>
      <type>SERVICE_CREATION_FAILURE</type>
      <regex>(.+) from ac_create</regex>
      <keyWords>group1 type host domain service</keyWords>
      </alarmType>
    

The alarm key (the property keyWords) is the set of attributes whose values uniquely identify the alarm instance. For example, an alarm defined using message, but without including timestamp in its key, would suggest that all events with exactly the same message content are to be considered duplicates of the first such alarm. The key field names which can be used to constitute the key include the attributes defined for all alarms, plus the parsing of the message field into regex groups:

  • timestamp
  • domain
  • service
  • host
  • message (= group0)
  • groupN

These attribute names should be delimited by (an arbitrary number of) whitespace characters. Note that timestamp and message derive from the logging event, while host, domain and service are properties added to the event’s diagnostic context map.

The key field name groupN, where N is an integer, means that the Nth substring (specified by parentheses) will be included. For N=0, group0 is identical to message, which means that the whole message string should be included as an identifier.

Alarms that are generated by the code at the origin of the problem may carry with them other arbitrary unique identifier values, but custom definitions are limited to the values associated with these fixed fields.