[Shinken-devel] Idea proposal : triggers?
Status: Beta
Brought to you by:
naparuba
Menu
▾
▴
[Shinken-devel] Idea proposal : triggers?
|
From: nap <nap...@gm...> - 2011-12-21 10:49:00
|
Hi all, You know that we put correlation every where in our last release with bp_rule, VMWare auto-linking or in the WebUI. I'm wondering if we should add some more "powerful" correlator objects, a lit like "zabbix triggers" :) Triggers are basically "expression matching" that can look at other objects states or perfdata. Such objects should be linked on hosts or services. It should be a mix between Zabbix trigger and SEC rules (simple event correlator, a great tool in perl). *What are triggers?* Such triggers will be "launched" after each new states on an host or a service, or why not scheduled too? They can check a "matching rule" to see if they should be active or not, and then they got an "action" that can do "something" (change state, new perfdata, raise an ack or stop notification,...) The goal is NOT to change all current checks in a trigger writing way, it's not a good idea to check standard things like that (like CPU or memory) because it's too complex and we already got an army of good plugins for this! :) But it can be useful for complex business process rules, to compute KPI (key point indicator) or manage snmp traps or syslog messages. * Some examples?* I put some sample of such rules in the wiki for feature proposal at http://www.shinken-monitoring.org/wiki/triggers There are some sample about CPU check, because it's should be possible, but it's not their main goal. The rules should be wrote in Python (easy syntax :) ) and give huge possibilities for loop for examples. There are example about CPU check or active/passive check, but such can be wrote more easily with bp_rule. The real sample are the state-full log parsing that will create an alert only if more than 10 hosts raise a scan from a unique source, and the KPI computation that show how to create a perfdata (and so graph with classic tools) from N distinct services. *Go?* It's a pure POC, there is nothing wrote from now, but the idea is to let the user got a very large control on matching rules and actions for specific and high level correlation rule. It should be "not so hard" to wrote the trigger code in the scheduler (maybe the correlator name was better for this one after all because scheduling is a small part of its job ;) ) and all we need is to propose some easy functions to raise states or matching output for example, not a so big thing. If you got some cases where bp_rule are not enough or you wrote a very hard to maintain plugins that does this correlation thing, it's time to let it know so we can try to make trigger manage them :) I'll be off for a shell for Christmas, and then I'll finish some WebUI page I start for mobiles, and then start a first draft of a configuration UI. But the triggers can be in poc during this time and be ready for the release after the 1.0 maybe :) Jean |