]> git.openstreetmap.org Git - chef.git/blobdiff - cookbooks/prometheus/templates/default/alert_rules.yml.erb
Restrict fail2ban to evasive blocks instead of all 403 errors
[chef.git] / cookbooks / prometheus / templates / default / alert_rules.yml.erb
index c7c3a1bac2e4f574fa0541dc0df5812382071f66..632fddc9f1baf15cea5c6c12f8d29d2a57aff1a7 100644 (file)
@@ -3,6 +3,13 @@
 groups:
   - name: amsterdam
     rules:
+      - alert: uplink
+        expr: junos_interface_up{site="amsterdam",name=~"ge-[01]/2/2"} != 1
+        for: 6m
+        labels:
+          alertgroup: "amsterdam"
+        annotations:
+          status: "{{ $value }}"
       - alert: pdu current draw
         expr: rPDU2PhaseStatusCurrent{site="amsterdam",rPDU2PhaseStatusIndex="1"} / 10 > 28
         for: 6m
@@ -45,6 +52,13 @@ groups:
           alertgroup: "{{ $labels.instance }}"
         annotations:
           busy_workers: "{{ $value | humanizePercentage }}"
+      - alert: apache connection limit
+        expr: (apache_connections{state="total"} - on (instance) apache_connections{state="closing"}) / on (instance) (apache_server_limit * on (instance) (apache_threads_per_child + on (instance) (apache_async_request_worker_factor * on (instance) apache_workers{state="idle"} / on(instance) apache_processes{state="all"}))) > 0.8
+        for: 5m
+        labels:
+          alertgroup: "{{ $labels.instance }}"
+        annotations:
+          connections: "{{ $value | humanizePercentage }}"
   - name: chef
     rules:
       - alert: chef client not running
@@ -91,13 +105,20 @@ groups:
           pressure: "{{ $value | humanizePercentage }}"
   - name: database
     rules:
-      - alert: postgres replication delay
-        expr: pg_replication_lag_seconds > 30
-        for: 15m
+      - alert: active rails queries
+        expr: sum(pg_stat_activity_count{datname="openstreetmap",usename="rails",state="active"}) by (instance) > 50 and on (instance) chef_role{name="db-master"}
+        for: 5m
         labels:
           alertgroup: database
         annotations:
-          delay: "{{ $value | humanizeDuration }}"
+          queries: "{{ $value }}"
+      - alert: active cgimap queries
+        expr: sum(pg_stat_activity_count{datname="openstreetmap",usename="cgimap",state="active"}) by (instance) > 30 and on (instance) chef_role{name="db-master"}
+        for: 5m
+        labels:
+          alertgroup: database
+        annotations:
+          delay: "{{ $value }}"
   - name: discourse
     rules:
       - alert: discourse job failure rate
@@ -109,6 +130,13 @@ groups:
           failure_rate: "{{ $value }} jobs/s"
   - name: dublin
     rules:
+      - alert: uplink
+        expr: junos_interface_up{site="dublin",name=~"ge-[01]/2/2"} != 1
+        for: 6m
+        labels:
+          alertgroup: "dublin"
+        annotations:
+          status: "{{ $value }}"
       - alert: pdu current draw
         expr: rPDU2PhaseStatusCurrent{site="dublin",rPDU2PhaseStatusIndex="1"} / 10 > 28
         for: 6m
@@ -146,13 +174,23 @@ groups:
           alertgroup: fastly
         annotations:
           error_rate: "{{ $value | humanizePercentage }}"
-      - alert: fastly healthcheck failing
-        expr: count(fastly_healthcheck_status == 0) by (service) > 0
+      - alert: fastly frontend healthcheck warning
+        expr: count(fastly_healthcheck_status == 0) by (service, datacenter) > 2
+        for: 15m
+        labels:
+          alertgroup: fastly
+      - alert: fastly frontend healthcheck critical
+        expr: count(fastly_healthcheck_status == 0) by (service, datacenter) == count(fastly_healthcheck_status) by (service, datacenter)
+        for: 5m
+        labels:
+          alertgroup: fastly
+      - alert: fastly backend healthcheck warning
+        expr: count(fastly_healthcheck_status == 0) by (service, backend) > 10
         for: 15m
         labels:
           alertgroup: fastly
-      - alert: multiple fastly healthchecks failing
-        expr: count(fastly_healthcheck_status == 0) by (service) > 4
+      - alert: fastly backend healthcheck critical
+        expr: count(fastly_healthcheck_status == 0) by (service, backend) == count(fastly_healthcheck_status) by (service, backend)
         for: 5m
         labels:
           alertgroup: fastly
@@ -248,21 +286,51 @@ groups:
           alertgroup: "{{ $labels.instance }}"
   - name: juniper
     rules:
+      - alert: juniper red alarms
+        expr: juniper_alarms_red_count > 0
+        for: 5m
+        labels:
+          alertgroup: "{{ $labels.site }}"
+        annotations:
+          alarm_count: "{{ $value }} alarms"
+      - alert: juniper yellow alarms
+        expr: juniper_alarms_yellow_count > 0
+        for: 5m
+        labels:
+          alertgroup: "{{ $labels.site }}"
+        annotations:
+          alarm_count: "{{ $value }} alarms"
       - alert: juniper cpu alarm
-        expr: jnxOperatingCPU{jnxOperatingContentsIndex="7"} > 30
+        expr: junos_route_engine_load_average_five / 2 > 0.5
         for: 5m
         labels:
           alertgroup: "{{ $labels.site }}"
+        annotations:
+          load_average: "{{ $value | humanizePercentage }}"
       - alert: juniper fan alarm
-        expr: jnxOperatingState{jnxOperatingContentsIndex="4",jnxOperatingState!~"running.*"} > 0
+        expr: junos_environment_fan_up != 1
         for: 5m
         labels:
           alertgroup: "{{ $labels.site }}"
       - alert: juniper power alarm
-        expr: jnxOperatingState{jnxOperatingContentsIndex="2",jnxOperatingState!~"running.*"} > 0
+        expr: junos_environment_power_up != 1
+        for: 5m
+        labels:
+          alertgroup: "{{ $labels.site }}"
+      - alert: juniper laser receive power
+        expr: junos_interface_diagnostics_laser_rx_dbm < -12 and on (site, instance, name) junos_interface_admin_up == 1
+        for: 5m
+        labels:
+          alertgroup: "{{ $labels.site }}"
+        annotations:
+          power: "{{ $value }} dBm"
+      - alert: juniper laser transmit power
+        expr: junos_interface_diagnostics_laser_output_dbm < -8 and on (site, instance, name) junos_interface_admin_up == 1
         for: 5m
         labels:
           alertgroup: "{{ $labels.site }}"
+        annotations:
+          power: "{{ $value }} dBm"
   - name: mail
     rules:
       - alert: exim down
@@ -353,8 +421,22 @@ groups:
           alertgroup: "{{ $labels.instance }}"
         annotations:
           connections_used: "{{ $value | humanizePercentage }}"
+      - alert: mysql connection errors
+        expr: increase(mysql_global_status_connection_errors_total[1m]) > 0
+        for: 0m
+        labels:
+          alertgroup: "{{ $labels.instance }}"
+        annotations:
+          error_count: "{{ $value }}"
   - name: network
     rules:
+      - alert: interface redundancy lost
+        expr: node_bonding_active < 2 and on (instance, master) label_replace(chef_network_interface{bond_mode="802.3ad"}, "master", "$1", "name", "(.*)")
+        for: 5m
+        labels:
+          alertgroup: "{{ $labels.instance }}"
+        annotations:
+          link_count: "{{ $value }}"
       - alert: interface transmit rate
         expr: rate(node_network_transmit_bytes_total[1m]) / node_network_speed_bytes > 0.99
         for: 5m
@@ -511,13 +593,6 @@ groups:
           alertgroup: "{{ $labels.instance }}"
         annotations:
           new_deadlocks: "{{ $value }}"
-      - alert: postgresql slow queries
-        expr: pg_slow_queries > 0
-        for: 5m
-        labels:
-          alertgroup: "{{ $labels.instance }}"
-        annotations:
-          queries: "{{ $value }}"
       - alert: postgresql idle transactions
         expr: sum(pg_process_idle_seconds_count{state="idle in transaction"}) by (instance, server) > sum(pg_process_idle_seconds_bucket{state="idle in transaction",le="300"}) by (instance, server)
         for: 5m
@@ -653,14 +728,14 @@ groups:
   - name: taginfo
     rules:
       - alert: taginfo planet age
-        expr: time() - taginfo_data_from_seconds > 129600
+        expr: time() - taginfo_data_from_seconds > 129600 and on (instance) chef_role{name="taginfo"}
         for: 0m
         labels:
           alertgroup: taginfo
         annotations:
           age: "{{ $value | humanizeDuration }}"
       - alert: taginfo database age
-        expr: time() - taginfo_database_update_finish_seconds > 129600
+        expr: time() - taginfo_database_update_finish_seconds > 129600 and on (instance) chef_role{name="taginfo"}
         for: 0m
         labels:
           alertgroup: taginfo