What options does Opendistro for mitigating a threshold-based alert storm? Are there options to fire an alert every X times the requirements are met? Or any other patterned-based alerting to minimize over-alerting?
Cheers.
What options does Opendistro for mitigating a threshold-based alert storm? Are there options to fire an alert every X times the requirements are met? Or any other patterned-based alerting to minimize over-alerting?
Cheers.
Hello.
There is a throttling mechanism on the action to prevent it for firing several time during a configurable time.
It is available in the Kibana UI.
Configuration seem to be, in the action:
“throttle_enabled” : true,
“throttle” : {
“value” : 15,
“unit” : “MINUTES”
}