Examples of rules
Here are some examples of rules. The alerting rules are configured in a .toml file. For example, alerting-kmua-*.toml file.
kmua-zos-hourly-sysplex
- Rule Name
zos-hourly-sysplex-critical- Index Pattern
kmua-kzhs-omegamon-km5-km5wlmclrx-ds-anomalies- Severity
- Critical
- Custom Query
- Severity >= 7 and anomaly_position : 1
- Tag
kzhs- Scheduled
- Runs every: 30 minutes
Additional look-back time : 24 hours
- Action
- Send a schedule e-mail
- Configuration File
- alerting-kmua-zos-hourly-sysplex.toml
kmua-network-hourly-lpar
- Rule Name
network-hourly-lpar-critical- Index Pattern
kmua-knhl-omegamon-kn3-kn3gtc-ds-anomalies- Severity
- Critical
- Custom Query
- Severity >= 15 and anomaly_position : 1
- Tag
knhl- Scheduled
- Runs every: 30 minutes
Additional look-back time : 24 hours
- Action
- Send a schedule e-mail
- Configuration File
- alerting-kmua-network-hourly-lpar.toml
kmua-jvm-hourly-job
- Rule Name
jvm-hourly-job-critical- Index Pattern
kmua-kjhj-omegamon-kjj-gcsumm-ds-anomalies- Severity
- Critical
- Custom Query
- Severity >= 3 and anomaly_position : 1
- Tag
kjhj- Scheduled
- Runs every: 30 minutes
Additional look-back time : 24 hours
- Action
- Send a schedule e-mail
- Configuration File
- alerting-kmua-jvm-hourly-job.toml
kmua-zos-daily-lpar
- Rule Name
zos-daily-lpar-critical- Index Pattern
kmua-kzdl-omegamon-km5-km5wlmclrx-ds-anomalies- Severity
- Critical
- Custom Query
- Severity > 7 and anomaly_position : 1
- Tag
kzdl- Scheduled
- Runs every: 15 minutes
Additional look-back time : 24 hours
- Action
- Send a schedule e-mail
- Configuration File
- alerting-kmua-zos-daily-lpar.toml