alert rules告警规则

wechat

{{ define "wechat.default.message" }}
{{ range $i, $alert :=.Alerts }}
========监控报警==========
告警状态:{{   .Status }}
告警级别:{{ $alert.Labels.severity }}
告警类型:{{ $alert.Labels.alertname }}
告警应用:{{ $alert.Annotations.summary }}
告警主机:{{ $alert.Labels.instance }}
告警详情:{{ $alert.Annotations.description }}
触发阀值:{{ $alert.Annotations.value }}
告警时间:{{ $alert.StartsAt.Format "2006-01-02 15:04:05" }}
========end=============
{{ end }}
{{ end }}

groups:
- name: ServiceStatus
  rules:

# prometheus 
  - alert: prometheus down
    expr: prometheus_config_last_reload_successful != 1
    for: 1m
    labels:
      name: prometheus 
      severity: error
    annotations:
      summary: "prometheus  down (instance {{ $labels.instance }})"
      description: "prometheus instance is down"
      value: "{{ $value }}"

#alertmanager 

  - alert: alertmanager down
    expr: alertmanager_config_last_reload_successful != 1
    for: 1m
    labels:
      name: alertmanager
      severity: error
    annotations:
      summary: "alertmanager down (instance {{ $labels.instance }})"
      description: "alertmanager instance is down"
      value: "{{ $value }}"

# node_exporter

  - alert: instanceDown
    expr: up == 0
    for: 1m
    labels:
      name: instance
      severity: Critical
    annotations:
      summary: "{{ $labels.app_name }} down"
      description: "服务停止运行"
      value: "{{ $value }}"

  - alert: host load
    expr: node_load5 > 4
    for: 1m
    labels:
      severity: Critical
    annotations:
      summary: "{{ $labels.appname }} "
      description: "主机5分钟负载超过4"
      value: "{{ $value }}"

  - alert: cpu usege load
    expr: 100 - (avg by(instance) (irate(node_cpu_seconds_total{mode="idle"}[5m])) * 100) > 80
    for: 1m
    labels:
      name: cpu
      severity: Critical
    annotations:
      summary: "{{$labels.mountpoint}} CPU使用率过高"
      description: "{{$labels.mountpoint }} CPU使用大于80%"
      value: "{{ $value }}%"


  - alert: mem usage
    expr: (node_memory_MemTotal_bytes - (node_memory_MemFree_bytes + node_memory_Buffers_bytes + node_memory_Cached_bytes)) / node_memory_MemTotal_bytes * 100 >  85
    for: 1m
    labels:
      name: memory
      severity: Critical
    annotations:
      summary: "{{$labels.mountpoint}} 内存使用率过高!"
      description: "{{$labels.mountpoint }} 内存使用大于85%"
      value: "{{ $value }}%" 

  - alert: disk usage
    expr: 100-(node_filesystem_free_bytes{fstype=~"ext4|xfs"}/node_filesystem_size_bytes {fstype=~"ext4|xfs"}*100) > 80
    for: 1m
    labels:
      name: disk
      severity: Critical
    annotations:
      summary: "{{$labels.mountpoint}} 磁盘空间使用率过高!"
      description: "{{$labels.mountpoint }} 磁盘空间使用大于80%" 
      value: "{{ $value }}%"  

  - alert: volume fullIn fourdaysd
    expr: predict_linear(node_filesystem_free_bytes{job="node_exporter"}[2h], 4 * 24 * 3600) < 0
    for: 5m
    labels:
      name: disk
      severity: Critical
    annotations:
      summary: "{{$labels.mountpoint}} 预计主机可用磁盘空间4天后将写满"
      description: "{{$labels.mountpoint }}" 
      value: "{{ $value }}%"  


  - alert: disk write rate
    expr: sum by (instance) (irate(node_disk_written_bytes_total[2m])) / 1024 / 1024 > 50
    for: 1m
    labels:
      name: disk
      severity: Critical
    annotations:
      summary: "disk write rate (instance {{ $labels.instance }})"
      description: "磁盘写入速率大于50MB/s"
      value: "{{ $value }}%" 

  - alert: disk read latency
    expr: rate(node_disk_read_time_seconds_total[1m]) / rate(node_disk_reads_completed_total[1m]) > 100
    for: 1m
    labels:
      name: disk
      severity: Critical
    annotations:
      summary: "unusual disk read latency (instance {{ $labels.instance }})"
      description: "磁盘读取延迟大于100毫秒"
      value: "{{ $value }}%" 

  - alert: disk write latency
    expr: rate(node_disk_write_time_seconds_total[1m]) / rate(node_disk_writes_completed_total[1m]) > 100
    for: 1m
    labels:
      name: disk
      severity: Critical
    annotations:
      summary: "unusual disk write latency (instance {{ $labels.instance }})"
      description: "磁盘写入延迟大于100毫秒"
      value: "{{ $value }}%" 

  - alert: network in
    expr: sum by (instance) (irate(node_network_receive_bytes_total[2m])) / 1024 / 1024 > 100
    for: 1m
    labels:
      name: network
      severity: Critical
    annotations:
      summary: "{{$labels.mountpoint}} 流入网络带宽过高"
      description: "{{$labels.mountpoint }}流入网络异常,高于100M"
      value: "{{ $value }}" 

  - alert: network out
    expr: sum by (instance) (irate(node_network_transmit_bytes_total[2m])) / 1024 / 1024 > 100
    for: 1m
    labels:
      name: network
      severity: Critical
    annotations:
      summary: "{{$labels.mountpoint}} 发送网络带宽过高"
      description: "{{$labels.mountpoint }}发送网络异常,高于100M"
      value: "{{ $value }}" 

  - alert: tcp connection
    expr: node_netstat_Tcp_CurrEstab > 5000
    for: 1m
    labels:
      name: tcp
      severity: Critical
    annotations:
      summary: "{{$labels.mountpoint}} TCP_ESTABLISHED过高!"
      description: "{{$labels.mountpoint }} TCP_ESTABLISHED大于5000"
      value: "{{ $value }}"

# redis_exporter
  - alert: reids down
    expr: redis_up == 0
    for: 1m
    labels:
      name: redis
      severity: error
    annotations:
      summary: "redis down (instance {{ $labels.instance }})"
      description: "redis instance is down"
      value: "{{ $value }}"

  - alert: reids client connection
    expr: redis_connected_clients < 5
    for: 1m
    labels:
      name: redis
      severity: Critical
    annotations:
      summary: "{{$labels.mountpoint}} redis client connection Too few connections"
      description: "{{$labels.mountpoint }} redis client connectionToo few connections 少于5个"
      value: "{{ $value }}"

  - alert: reids client connection
    expr: redis_connected_clients > 5000
    for: 1m
    labels:
      name: redis
      severity: Critical
    annotations:
      summary: "{{$labels.mountpoint}} redis client TooManyConnections"
      description: "{{$labels.mountpoint }} redis client connection超过5000"
      value: "{{ $value }}"

  - alert: reids men usage
    expr: redis_memory_used_bytes/ (1024 * 1024 ) > 4096
    for: 1m
    labels:
      name: redis
      severity: Critical
    annotations:
      summary: "{{$labels.mountpoint}} redis memory usage 超过4096MB!"
      description: "{{$labels.mountpoint }} redis memory usage 超过4096MB"
      value: "{{ $value }}"

  - alert: reids outofmemory
    expr: redis_memory_used_bytes / redis_memory_max_bytes  * 100 > 80
    for: 1m
    labels:
      name: redis
      severity: Critical
    annotations:
      summary: "{{$labels.mountpoint}} redis memory usage 使用率过高"
      description: "{{$labels.mountpoint }} redis memory usage 使用率超过80%"
      value: "{{ $value }}"

  - alert: reids rejectedconnections
    expr: increase(redis_rejected_connections_total[1m]) > 0
    for: 1m
    labels:
      name: redis
      severity: Critical
    annotations:
      summary: "rejected connections (instance {{ $labels.instance }})"
      description: "{{$labels.mountpoint }} redis has been rejected"
      value: "{{ $value }}"


# zoookeeper_exporter

  - alert: zookeeper down
    expr: zk_up == 0
    for: 1m
    labels:
      name: zoookeeper
      severity: error
    annotations:
      summary: "zookeeper down (instance {{ $labels.instance }})"
      description: "zoookeeper instance is down"
      value: "{{ $value }}"

  - alert: zoookeeper leader status
    expr: zk_server_state{state="leader"} !=1
    for: 1m
    labels:
      name: zoookeeper
      severity: Critical
    annotations:
      summary: "{{$labels.instance }} zoookeeper leader is die."
      description: "{{$labels.instance }} zoookeeper leader is die,please check it quickly."
      value: "{{ $value }}"

  - alert: zoookeeper nodes num
    expr: sum(zk_server_state) < 3
    for: 1m
    labels:
      name: zoookeeper
      severity: Critical
    annotations:
      summary: "{{$labels.instance }} zoookeeper node number 小于 3台"
      description: "{{$labels.instance }} zoookeeper集群正常节点小于3台"
      value: "{{ $value }}"

  - alert: zoookeeper snapshot size
    expr: zk_approximate_data_size / 1024 > 1024
    for: 1m
    labels:
      name: zoookeeper
      severity: Critical
    annotations:
      summary: "{{$labels.instance }} zoookeeper snapshot size It's too big"
      description: "{{$labels.instance }} zoookeeper snapshot size 大于 1GB"
      value: "{{ $value }}"


  - alert: zoookeeper descriptor
    expr: zk_open_file_descriptor_count > zk_max_file_descriptor_count * 0.85
    for: 1m
    labels:
      name: zoookeeper
      severity: Critical
    annotations:
      summary: "{{$labels.instance }} zoookeeper 文件句柄数过高"
      description: "{{$labels.instance }} zoookeeper 打开文件句柄数大于系统配置参数"
      value: "{{ $value }}"

# jmx_exporter

  - alert: heap space usage
    expr: jvm_memory_bytes_used{job="upp", area="heap"} / jvm_memory_bytes_max * 100 >80
    for: 3m
    labels:
      name: jmx
      severity: Critical
    annotations:
      summary: "JVM Instance {{ $labels.instance }} memory usage > 80%"
      description: "{{ $labels.instance }} of job {{ $labels.job }} has been in status [heap usage > 80%] for more than 1 minutes. current usage ({{ $value }}%)"
      value: "{{ $value }}"

  - alert: old gc
    expr: increase(jvm_gc_collection_seconds_sum{gc="PS MarkSweep"}[5m]) > 5 * 60 * 0.8
    for: 3m
    labels:
      name: jmx
      severity: Critical
    annotations:
      summary: "JVM Instance {{ $labels.instance }} Old GC time > 80% running time"
      description: "{{ $labels.instance }} of job {{ $labels.job }} has been in status [Old GC time > 80% running time] for more than 5 minutes. current seconds ({{ $value }}%)"
      value: "{{ $value }}"


# consul_exporter

  - alert: consul service check
    expr: consul_catalog_service_node_healthy == 0
    for: 3m
    labels:
      name: consul
      severity: Critical
    annotations:
      summary: "Service healthcheck failed (instance {{ $labels.instance }})"
      description: "Service: `{{ $labels.service_name }}` Healthcheck: `{{ $labels.service_id }}"
      value: "{{ $value }}"

  - alert: consul server node sum
    expr: sum(consul_catalog_service_node_healthy {service_name="consul"} ) < 3
    for: 3m
    labels:
      name: consul
      severity: Critical
    annotations:
      summary: "consul server node 小于 3台  (instance {{ $labels.instance }})"
      description: "consul server node 小于 3台  (instance {{ $labels.instance }})"
      value: "{{ $value }}"


# blackbox_exporter

  - alert: probe failed
    expr: probe_success == 0
    for: 3m
    labels:
      name: blackbox
      severity: Critical
    annotations:
      summary: Probe failed (instance {{ $labels.instance }})"
      description: "Probe failed LABELS: {{ $labels }}"
      value: "{{ $value }}"

  - alert: http status code
    expr: probe_http_status_code <= 199 OR probe_http_status_code >= 300
    for: 3m
    labels:
      name: blackbox
      severity: Critical
    annotations:
      summary: "Status Code (instance {{ $labels.instance }})"
      description: "HTTP status code is not 200-299  LABELS: {{ $labels }}"
      value: "{{ $value }}"

  - alert: ping delay
    expr: probe_icmp_duration_seconds > 2
    for: 3m
    labels:
      name: blackbox
      severity: Critical
    annotations:
      summary: "Blackbox slow ping (instance {{ $labels.instance }})"
      description: "Blackbox ping took more than 2s  LABELS: {{ $labels }}"
      value: "{{ $value }}"
©著作权归作者所有,转载或内容合作请联系作者
  • 人面猴
    序言:七十年代末,一起剥皮案震惊了整个滨河市,随后出现的几起案子,更是在滨河造成了极大的恐慌,老刑警刘岩,带你破解...
    沈念sama阅读 205,236评论 6 478
  • 死咒
    序言:滨河连续发生了三起死亡事件,死亡现场离奇诡异,居然都是意外死亡,警方通过查阅死者的电脑和手机,发现死者居然都...
    沈念sama阅读 87,867评论 2 381
  • 救了他两次的神仙让他今天三更去死
    文/潘晓璐 我一进店门,熙熙楼的掌柜王于贵愁眉苦脸地迎上来,“玉大人,你说我怎么就摊上这事。” “怎么了?”我有些...
    开封第一讲书人阅读 151,715评论 0 340
  • 道士缉凶录:失踪的卖姜人
    文/不坏的土叔 我叫张陵,是天一观的道长。 经常有香客问我,道长,这世上最难降的妖魔是什么? 我笑而不...
    开封第一讲书人阅读 54,899评论 1 278
  • 港岛之恋(遗憾婚礼)
    正文 为了忘掉前任,我火速办了婚礼,结果婚礼上,老公的妹妹穿的比我还像新娘。我一直安慰自己,他们只是感情好,可当我...
    茶点故事阅读 63,895评论 5 368
  • 恶毒庶女顶嫁案:这布局不是一般人想出来的
    文/花漫 我一把揭开白布。 她就那样静静地躺着,像睡着了一般。 火红的嫁衣衬着肌肤如雪。 梳的纹丝不乱的头发上,一...
    开封第一讲书人阅读 48,733评论 1 283
  • 城市分裂传说
    那天,我揣着相机与录音,去河边找鬼。 笑死,一个胖子当着我的面吹牛,可吹牛的内容都是我干的。 我是一名探鬼主播,决...
    沈念sama阅读 38,085评论 3 399
  • 双鸳鸯连环套:你想象不到人心有多黑
    文/苍兰香墨 我猛地睁开眼,长吁一口气:“原来是场噩梦啊……” “哼!你这毒妇竟也来了?” 一声冷哼从身侧响起,我...
    开封第一讲书人阅读 36,722评论 0 258
  • 万荣杀人案实录
    序言:老挝万荣一对情侣失踪,失踪者是张志新(化名)和其女友刘颖,没想到半个月后,有当地人在树林里发现了一具尸体,经...
    沈念sama阅读 43,025评论 1 300
  • 护林员之死
    正文 独居荒郊野岭守林人离奇死亡,尸身上长有42处带血的脓包…… 初始之章·张勋 以下内容为张勋视角 年9月15日...
    茶点故事阅读 35,696评论 2 323
  • 白月光启示录
    正文 我和宋清朗相恋三年,在试婚纱的时候发现自己被绿了。 大学时的朋友给我发了我未婚夫和他白月光在一起吃饭的照片。...
    茶点故事阅读 37,816评论 1 333
  • 活死人
    序言:一个原本活蹦乱跳的男人离奇死亡,死状恐怖,灵堂内的尸体忽然破棺而出,到底是诈尸还是另有隐情,我是刑警宁泽,带...
    沈念sama阅读 33,447评论 4 322
  • 日本核电站爆炸内幕
    正文 年R本政府宣布,位于F岛的核电站,受9级特大地震影响,放射性物质发生泄漏。R本人自食恶果不足惜,却给世界环境...
    茶点故事阅读 39,057评论 3 307
  • 男人毒药:我在死后第九天来索命
    文/蒙蒙 一、第九天 我趴在偏房一处隐蔽的房顶上张望。 院中可真热闹,春花似锦、人声如沸。这庄子的主人今日做“春日...
    开封第一讲书人阅读 30,009评论 0 19
  • 一桩弑父案,背后竟有这般阴谋
    文/苍兰香墨 我抬头看了看天上的太阳。三九已至,却和暖如春,着一层夹袄步出监牢的瞬间,已是汗流浃背。 一阵脚步声响...
    开封第一讲书人阅读 31,254评论 1 260
  • 情欲美人皮
    我被黑心中介骗来泰国打工, 没想到刚下飞机就差点儿被人妖公主榨干…… 1. 我叫王不留,地道东北人。 一个月前我还...
    沈念sama阅读 45,204评论 2 352
  • 代替公主和亲
    正文 我出身青楼,却偏偏与公主长得像,于是被迫代替她去往敌国和亲。 传闻我的和亲对象是个残疾皇子,可洞房花烛夜当晚...
    茶点故事阅读 42,561评论 2 343

推荐阅读更多精彩内容