Skip to content

Commit d666dcc

Browse files
chetanchoudhary-sumokimsauceJV0812amee-sumo
authored
SUMO-252275: Adding monitor's information to OTEL Apps Set4 (#4943)
* SUMO-252275: Adding monitor's information to OTEL Apps Set4 * Adding Monitor table for Linux CSMA OTEL APP * fix syntax * Update docs/integrations/app-development/opentelemetry/puppet-opentelemetry.md Co-authored-by: Jagadisha V <[email protected]> * Update docs/integrations/app-development/opentelemetry/jira-opentelemetry.md Co-authored-by: Jagadisha V <[email protected]> * Update docs/integrations/app-development/opentelemetry/jira-opentelemetry.md Co-authored-by: Jagadisha V <[email protected]> * Update docs/integrations/app-development/opentelemetry/jira-opentelemetry.md Co-authored-by: Jagadisha V <[email protected]> * Update docs/integrations/app-development/opentelemetry/jira-opentelemetry.md Co-authored-by: Jagadisha V <[email protected]> --------- Co-authored-by: Kim Pohas <[email protected]> Co-authored-by: Jagadisha V <[email protected]> Co-authored-by: Amee Lepcha <[email protected]>
1 parent e0de648 commit d666dcc

File tree

5 files changed

+57
-8
lines changed

5 files changed

+57
-8
lines changed

docs/integrations/app-development/opentelemetry/jfrog-artifactory-opentelemetry.md

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -259,10 +259,10 @@ import CreateMonitors from '../../../reuse/apps/create-monitors.md';
259259

260260
| Name | Description | Alert Condition | Recover Condition |
261261
|:--|:--|:--|:--|
262-
| `Artifactory - Excessive Denied Login Attempts` | This alert is triggered when there are multiple denied login attempts from the same IP or user. | Count `>` 5 | Count `<=` 5 |
263-
| `Artifactory - High 4xx Status Codes` | This alert is triggered when there's a high number of HTTP 4xx error responses. | Count `>` 10 | Count `<=` 10 |
264-
| `Artifactory - High 5xx Status Codes` | This alert is triggered when there's a high number of HTTP 5xx error responses. | Count `>` 10 | Count `<=` 10 |
265-
| `Artifactory - High Denied Deploys to Cached Repos` | This alert is triggered when there's a high number of denied deploy attempts to cached repositories. | Count `>` 5 | Count `<=` 5 |
266-
| `Artifactory - High Denied Deploys to Non-Cached Repos` | This alert is triggered when there's a spike in denied deploy attempts to non-cached repositories. | Count `>` 5 | Count `<=` 5 |
267-
| `Artifactory - High Denied Downloads` | This alert is triggered when there's a high number of denied download attempts. | Count `>` 5 | Count `<=` 5 |
268-
| `Artifactory - Slow HTTP Response Times` | This alert is triggered when Artifactory response times are high. | Count `>` 5 | Count `<=` 5 |
262+
| `Artifactory - Excessive Denied Login Attempts` | This alert is triggered when there are multiple denied login attempts from the same IP or user. | Count > 5 | Count \<= 5 |
263+
| `Artifactory - High 4xx Status Codes` | This alert is triggered when there's a high number of HTTP 4xx error responses. | Count > 10 | Count \<= 10 |
264+
| `Artifactory - High 5xx Status Codes` | This alert is triggered when there's a high number of HTTP 5xx error responses. | Count > 10 | Count \<= 10 |
265+
| `Artifactory - High Denied Deploys to Cached Repos` | This alert is triggered when there's a high number of denied deploy attempts to cached repositories. | Count > 5 | Count \<= 5 |
266+
| `Artifactory - High Denied Deploys to Non-Cached Repos` | This alert is triggered when there's a spike in denied deploy attempts to non-cached repositories. | Count > 5 | Count \<= 5 |
267+
| `Artifactory - High Denied Downloads` | This alert is triggered when there's a high number of denied download attempts. | Count > 5 | Count \<= 5 |
268+
| `Artifactory - Slow HTTP Response Times` | This alert is triggered when Artifactory response times are high. | Count > 5 | Count \<= 5 |

docs/integrations/app-development/opentelemetry/jira-opentelemetry.md

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -277,3 +277,21 @@ The **Jira - Sprints Events** dashboard provides insights on sprint events in Ji
277277
The **Jira - User Events** dashboard provides information about user events in Jira, including the number of user events, trends, and users that have been updated, created, and deleted.
278278
279279
<img src='https://sumologic-app-data-v2.s3.amazonaws.com/dashboards/Jira-OpenTelemetry/Jira-User-Events.png' alt="User Events" />
280+
281+
282+
## Create monitors for Jira app
283+
284+
import CreateMonitors from '../../../reuse/apps/create-monitors.md';
285+
286+
<CreateMonitors/>
287+
288+
### Jira alerts
289+
290+
| Name | Description | Alert Condition | Recover Condition |
291+
|:--|:--|:--|:--|
292+
| `Jira - Abnormal Session Creation Rate Alert` | This alert is triggered when there are unusual patterns in session creation/destruction that might indicate security issues or system problems. | Count >= 1 | Count < 1 |
293+
| `Jira - High Average Response Time Alert` | This alert is triggered when elevated response times in Jira are detected, indicating potential performance degradation. | Count >= 5000 | Count < 5000 |
294+
| `Jira - High HTTP 4xx Error Rate Alert` | This alert is triggered when there is increase in HTTP 4xx errors to detect service disruptions. | Count >= 50 | Count < 50 |
295+
| `Jira - High HTTP 5xx Error Rate Alert` | This alert is triggered when there is increase in HTTP 5xx errors to detect service disruptions. | Count >= 50 | Count < 50 |
296+
| `Jira - High Priority Issues Unassigned SLA Alert` | This alert is triggered when high-priority issues remain unassigned beyond the Default SLA threshold of 30 minutes (1800000 milliseconds). To adjust the SLA, update the value in the query to the desired time in milliseconds (e.g., 15 minutes = 900000, 1 hour = 3600000). | Count >= 1 | Count < 1 |
297+
| `Jira - Rapid Authentication Failures Alert` | This alert is triggered when a single user experiences more than 10 failed login attempts within 5 minutes, indicating potential password guessing attempts or account lockout issues. | Count > 10 | Count \<= 10 |

docs/integrations/app-development/opentelemetry/jmx-opentelemetry.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -251,4 +251,4 @@ import CreateMonitors from '../../../reuse/apps/create-monitors.md';
251251
| `JMX - High Heap Memory Usage Alert` | This alert gets triggered when heap memory usage exceeds threshold. | Count < 20 | Count >= 20 |
252252
| `JMX - High Memory Pool Usage Alert` | This alert gets triggered when memory pool usage exceeds threshold. | Count < 20 | Count >= 20 |
253253
| `JMX - High Non Heap Memory Usage Alert` | This alert gets triggered when non heap memory usage exceeds threshold. | Count < 20 | Count >= 20 |
254-
| `JMX - High Number Of Classes Loaded Alert` | This alert gets triggered when high number of classes are loaded. | Count > 1000 | Count < = 1000 |
254+
| `JMX - High Number Of Classes Loaded Alert` | This alert gets triggered when high number of classes are loaded. | Count > 1000 | Count \<= 1000 |

docs/integrations/app-development/opentelemetry/puppet-opentelemetry.md

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -276,3 +276,18 @@ This sample query is from the **Puppet - Overview** dashboard > **Node Requests
276276
### Node Puppet Runs Analysis: Puppet Node Runs Analysis
277277

278278
<img src='https://sumologic-app-data-v2.s3.amazonaws.com/dashboards/Puppet-OpenTelemetry/Puppet-Node-Puppet-Runs-Analysis.png' alt="Node Puppet Runs Analysis" />
279+
280+
## Create monitors for Puppet app
281+
282+
import CreateMonitors from '../../../reuse/apps/create-monitors.md';
283+
284+
<CreateMonitors/>
285+
286+
### Puppet alerts
287+
288+
| Name | Description | Alert Condition | Recover Condition |
289+
|:--|:--|:--|:--|
290+
| `Puppet - Catalog Compilation Performance` | This alert is triggered when average time taken to compile Puppet catalogs is greater than given value (Default 30 seconds). Extended compilation times can indicate Puppet master performance issues, complex catalogs, or resource constraints. | Count \>= 30 | Count \< 30 |
291+
| `Puppet - Erroneous Nodes` | This alert is triggered when a node has error more errors then given value (Default 5). | Count \>= 5 | Count \< 5 |
292+
| `Puppet - Error Pattern Analysis` | This alert is triggered when Puppet error logs show recurring patterns that may indicate issues, helping detect problems that need investigation. | Count \>= 20 | Count \< 20 |
293+
| `Puppet - Resource Status Failures` | This alert is triggered when there are specific resource failures greater than given value (Default 5). | Count \>= 5 | Count \< 5 |

docs/integrations/cloud-security-monitoring-analytics/opentelemetry/linux-opentelemetry.md

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -223,3 +223,19 @@ Use this dashboard to:
223223
- Monitor service usage and other system activity.
224224

225225
<img src='https://sumologic-app-data-v2.s3.amazonaws.com/dashboards/Linux-Cloud-Security-Monitoring-and-Analytics/Opentelemetry/Linux-Security-Analytics-User-Service-and-System-Monitoring.png' style={{border: '1px solid gray'}} alt="Linux-Security-Analytics-User-Service-and-System-Monitoring" />
226+
227+
228+
## Create monitors for Linux - Cloud Security Monitoring and Analytics app
229+
230+
import CreateMonitors from '../../../reuse/apps/create-monitors.md';
231+
232+
<CreateMonitors/>
233+
234+
### Linux - Cloud Security Monitoring and Analytics alerts
235+
236+
| Name | Description | Alert Condition | Recover Condition |
237+
|:--|:--|:--|:--|
238+
| `Linux CSMA - Excessive Failed Authentication` | This alert is triggered when multiple failed login attempts from the same source are detected, indicating potential brute force attempts. | Count > 10 | Count \<= 10 |
239+
| `Linux CSMA - Root Login Detection` | This alert is triggered when direct login attempts using the root account are detected, indicating a potential security concern since root logins should typically be disabled. | Count \>= 1 | Count < 1 |
240+
| `Linux CSMA - System Shutdown Detection` | This alert is triggered when unexpected system shutdown events are detected through kernel stop messages, which may indicate unauthorized access, malicious activity, power issues, or system failures. | Count > 0 | Count \<= 0 |
241+
| `Linux CSMA - User Account Creation Spike` | This alert is triggered when multiple user accounts are created in a short time period, which may indicate automated account creation, compromised systems, or unauthorized bulk user provisioning. | Count > 3 | Count \<= 3 |

0 commit comments

Comments
 (0)