Hi, this is Robert Statsinger. I'm a Foglight Solution architect.
Today I'm going to show you how to write a rule against data so that Foglight will generate alarms when the data takes on undesired characteristics.
I'm going to click Create Rule here that's going to bring up a wizard for me. And I'll type in a rule name because we're going to act on the number of forks that the agent is returning. I'll make this a multi-severity rule so that it has warning, critical, and fatal zones. And I'll make it data-driven so that it will act against incoming instances of the data that my agent returns.
The topology type is the type of the data that the agent is returning, and I will place it into the Selector box, and then validate it with the green Check box. This will get Foglight to tell me that this is, indeed, a valid topology type for the rule, and that there's instances of the data for the rule to act against.
The next step in the Rule Wizard is to click Next, and I will see the different zones available for creating alarms and alerts in the rule. So for the Warning zone, I will type in "Forks greater than 5,000." And the alarm message will read, "Warning, too many forks."
And that's really all I have to do for this rule. At this point I can click Finish, and you'll see that the rule was added.
The next thing to do is to go to Foglight's Alarms Dashboard, and I'll go ahead and clear all the alarms that are on the system right now. And momentarily, Foglight will go ahead and process incoming data from my agent, which will generate an alarm in the UI.
Now you can see that Foglight has fired the rule against the incoming forks data and generated an alarm for us, letting us know that there have been too many forks observed by the agent.
So this was a simple example of a rule, and it shows how quickly you can generate alarms against undesired data behavior. Of course you can customize this rule by adding actions, to send email when the rule fires, and you can add commands and scripts that are actions when the rule fires, and, of course, you can use things like Foglight registry variables to manage your rule thresholds.