Documentation

BigPanda event handler

BigPanda is an event correlation and automation platform that helps organizations prevent and resolve IT outages.

Configuration

Configuration and default option values for the BigPanda event handler are set in your kapacitor.conf. The example below shows the default configuration:

[bigpanda]
  enabled = false
  # BigPanda integration App Key
  app-key = ""
  # Authorization Bearer token for BigPanda REST API.  
  token = ""
  # BigPanda Alert API url  
  url = "https://api.bigpanda.io/data/v2/alerts"  

enabled

Set to true to enable the BigPanda event handler.

token

Set your authorization Bearer token for BigPanda REST API.

app-key

Set your BigPanda integration App Key. To get your App Key, log in to your BigPanda account and select Integrations in the header toolbar, and then click the New Integration. Select Alerts REST API, click Integrate button, and then Create an App Key.

url

BigPanda Alert API URL.

Options

The following BigPanda event handler options can be set in a handler file or when using .bigPanda() in a TICKscript.

NameTypeDescription
appKeystringBigPanda appKey
primaryPropertystringBigPanda primary property
secondaryPropertystringBigPanda secondary property
hoststringHost alert payload parameter (object that caused the alert)
attributesmap of key value pairsOption to add additional attribute(s) to the alert payload

BigPanda uses the primary property to construct the title and the secondary property to construct the subtitle of an incident. See Alert Correlation Logic for more information.

By default, the handler maps the Kapacitor task and alert properties below to the BigPanda Alert or Event fields as follows:

ValueBigPanda Alert Field
idcheck
messagedescription
detailsdetails
TaskNametask

All EventData tags and fields are appended to the BigPanda Alert as Additional attributes. For more information, see BigPanda Alert REST API.

TICKscript examples

stream
  |from()
    .measurement('cpu')
  |alert()
    .id('cpu_usage')
    .crit(lambda: "usage_user" > 90)
    .stateChangesOnly()
    .message('Hey, check your CPU')
    .bigPanda()
stream
  |from()
    .database('telegraf')
    .retentionPolicy('autogen')
    .measurement('cpu')
    .groupBy('host')
    .where(lambda: "cpu" == 'cpu-total')
  |eval(lambda: 100.0 - "usage_idle").as('total_used')
  |window().period(10s).every(10s)
  |mean('total_used').as('total_used')
  |alert()
    .id('cpu_usage_check')
    .message('Hey {{ index .Tags "host"}} / {{ .ID }}: is high!')
    .details('https://example.com/dashboard/{{ index .Tags "host"}}')
    .info(lambda: "total_used" > 70)
    .warn(lambda: "total_used" > 80)
    .crit(lambda: "total_used" > 90)
    .stateChangesOnly()
    .appKey('...')
    bigPanda()
      .host('{{ .Tags.host }}')
      .attribute('monitor_link', 'http://example.com/monitor?node={{ .Tags.host }}')
      .attribute('x_total_used', '{{ .Fields.total_used }}')

Was this page helpful?

Thank you for your feedback!


The future of Flux

Flux is going into maintenance mode. You can continue using it as you currently are without any changes to your code.

Read more

InfluxDB v3 enhancements and InfluxDB Clustered is now generally available

New capabilities, including faster query performance and management tooling advance the InfluxDB v3 product line. InfluxDB Clustered is now generally available.

InfluxDB v3 performance and features

The InfluxDB v3 product line has seen significant enhancements in query performance and has made new management tooling available. These enhancements include an operational dashboard to monitor the health of your InfluxDB cluster, single sign-on (SSO) support in InfluxDB Cloud Dedicated, and new management APIs for tokens and databases.

Learn about the new v3 enhancements


InfluxDB Clustered general availability

InfluxDB Clustered is now generally available and gives you the power of InfluxDB v3 in your self-managed stack.

Talk to us about InfluxDB Clustered