From 22e7b690550a38aa63f1f1af454ec66d99fc8f6e Mon Sep 17 00:00:00 2001 From: Chetan Choudhary Date: Fri, 29 Nov 2024 16:46:48 +0530 Subject: [PATCH 1/3] SUMO-250995: Adding Monitors information to Apache Tomcat OTEL App --- .../opentelemetry/apache-tomcat-opentelemetry.md | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/docs/integrations/web-servers/opentelemetry/apache-tomcat-opentelemetry.md b/docs/integrations/web-servers/opentelemetry/apache-tomcat-opentelemetry.md index 6cd45dfe39..ca1667cd41 100644 --- a/docs/integrations/web-servers/opentelemetry/apache-tomcat-opentelemetry.md +++ b/docs/integrations/web-servers/opentelemetry/apache-tomcat-opentelemetry.md @@ -379,3 +379,18 @@ Use this dashboard to: The **Apache Tomcat - Connectors** dashboard provides an at-a-glance view of error count, request count, request processing time, total bytes sent/received, total connections, and thread (bust and ideal) information. Threat intel + +## Create monitors for Apache Tomcat app + +import CreateMonitors from '../../../reuse/apps/create-monitors.md'; + + + +### Apache Tomcat alerts + +| Alert Name | Alert Description and conditions | Alert Condition | Recover Condition | +|:--|:--|:--|:--| +| `Apache Tomcat - Access from Highly Malicious Sources` | This alert gets triggered when a Tomcat server is accessed from highly malicious IP addresses. | Count > 0 | Count < = 0 | +| `Apache Tomcat - Error` | This alert gets triggered when error count is greater than 0. | Count > 0 | Count < = 0 | +| `Apache Tomcat - High Client (HTTP 4xx) Error Rate` | This alert gets triggered when there are too many HTTP requests (>5%) with a response status of 4xx. | Count > 0 | Count < = 0 | +| `Apache Tomcat - High Server (HTTP 5xx) Error Rate` | This alert gets triggered when there are too many HTTP requests (>5%) with a response status of 5xx. | Count > 0 | Count < = 0 | From ab49db84cf09049ed43a9f6acf52f0268e9ce44a Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Fri, 29 Nov 2024 19:39:16 +0530 Subject: [PATCH 2/3] Update apache-tomcat-opentelemetry.md --- .../web-servers/opentelemetry/apache-tomcat-opentelemetry.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/integrations/web-servers/opentelemetry/apache-tomcat-opentelemetry.md b/docs/integrations/web-servers/opentelemetry/apache-tomcat-opentelemetry.md index ca1667cd41..e19b39dede 100644 --- a/docs/integrations/web-servers/opentelemetry/apache-tomcat-opentelemetry.md +++ b/docs/integrations/web-servers/opentelemetry/apache-tomcat-opentelemetry.md @@ -388,7 +388,7 @@ import CreateMonitors from '../../../reuse/apps/create-monitors.md'; ### Apache Tomcat alerts -| Alert Name | Alert Description and conditions | Alert Condition | Recover Condition | +| Name | Description | Alert Condition | Recover Condition | |:--|:--|:--|:--| | `Apache Tomcat - Access from Highly Malicious Sources` | This alert gets triggered when a Tomcat server is accessed from highly malicious IP addresses. | Count > 0 | Count < = 0 | | `Apache Tomcat - Error` | This alert gets triggered when error count is greater than 0. | Count > 0 | Count < = 0 | From 7f1258be50e0251bfcf84335ed37c267e7ef0a48 Mon Sep 17 00:00:00 2001 From: Jagadisha V <129049263+JV0812@users.noreply.github.com> Date: Fri, 29 Nov 2024 19:52:22 +0530 Subject: [PATCH 3/3] Update apache-tomcat-opentelemetry.md --- .../opentelemetry/apache-tomcat-opentelemetry.md | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/docs/integrations/web-servers/opentelemetry/apache-tomcat-opentelemetry.md b/docs/integrations/web-servers/opentelemetry/apache-tomcat-opentelemetry.md index e19b39dede..f47c32e5a0 100644 --- a/docs/integrations/web-servers/opentelemetry/apache-tomcat-opentelemetry.md +++ b/docs/integrations/web-servers/opentelemetry/apache-tomcat-opentelemetry.md @@ -17,6 +17,10 @@ Tomcat logs are sent to Sumo Logic through the OpenTelemetry [filelog receiver]( Schematics +:::info +This app includes [built-in monitors](#apache-tomcat-alerts). For details on creating custom monitors, refer to [Create monitors for Apache Tomcat app](#create-monitors-for-apache-tomcat-app). +::: + ## Fields Created in Sumo Logic for Tomcat The following are the [Fields](/docs/manage/fields) that will be created as part of the Tomcat App install, if not already present. @@ -390,7 +394,7 @@ import CreateMonitors from '../../../reuse/apps/create-monitors.md'; | Name | Description | Alert Condition | Recover Condition | |:--|:--|:--|:--| -| `Apache Tomcat - Access from Highly Malicious Sources` | This alert gets triggered when a Tomcat server is accessed from highly malicious IP addresses. | Count > 0 | Count < = 0 | -| `Apache Tomcat - Error` | This alert gets triggered when error count is greater than 0. | Count > 0 | Count < = 0 | -| `Apache Tomcat - High Client (HTTP 4xx) Error Rate` | This alert gets triggered when there are too many HTTP requests (>5%) with a response status of 4xx. | Count > 0 | Count < = 0 | -| `Apache Tomcat - High Server (HTTP 5xx) Error Rate` | This alert gets triggered when there are too many HTTP requests (>5%) with a response status of 5xx. | Count > 0 | Count < = 0 | +| `Apache Tomcat - Access from Highly Malicious Sources` | This alert is triggered when a Tomcat server is accessed from highly malicious IP addresses. | Count > 0 | Count < = 0 | +| `Apache Tomcat - Error` | This alert is triggered when error count is greater than 0. | Count > 0 | Count < = 0 | +| `Apache Tomcat - High Client (HTTP 4xx) Error Rate` | This alert is triggered when there are too many HTTP requests (>5%) with a response status of 4xx. | Count > 0 | Count < = 0 | +| `Apache Tomcat - High Server (HTTP 5xx) Error Rate` | This alert is triggered when there are too many HTTP requests (>5%) with a response status of 5xx. | Count > 0 | Count < = 0 |