hezor
commented
7 years ago This is good news. We too have the kind of alerts that won't work properly with the stateful behavior. Any chance this option could be included in 2.2.1?
Closed jalogisch closed 7 years ago
hezor
commented
7 years ago This is good news. We too have the kind of alerts that won't work properly with the stateful behavior. Any chance this option could be included in 2.2.1?
gruselglatz
commented
7 years ago It is also important for our Workflow, that we can bound one or more condition/s and notification/s to each other. Because we need different notifications on different events in the same stream. At the moment we have to create a new stream for every new condition/notification relationship.
dennisoelkers
commented
7 years ago @gruselglatz: Is this related to stateful alerting or a different feature? I think what you mean is coupling alert notifications to alert conditions, is that correct?
gruselglatz
commented
7 years ago @dennisoelkers yes, like the old behaviour
edmundoa
commented
7 years ago @gruselglatz the old behaviour was not like that, alert conditions and notifications were bounded to a stream, just like they are in now.
gruselglatz
commented
7 years ago @edmundoa ok sorry, but you know what my point is? i only want to link notifications to a certain condition, that i can create more use cases in one stream
edmundoa
commented
7 years ago @gruselglatz yes, I know. That's one of the future improvements that may come to alerting, but so far we didn't have enough time to do it. If you want to discuss that, feel free to open another issue, let's keep this issue on stateful notification, please 🙂
dennisoelkers
commented
7 years ago Fixed in #3535 & #3544.
Expected Behavior
It should be possible for the user to enable the old notification behavior - because this new way of notification breaks the default from 2.X Version
Current Behavior
If someone updates to the Version 2.2.0 he can't work with any kind of workflow or environment around Graylog that had used the alarming feature that returns every minute the alarm.
Possible Solution
Make the stateful notification an option and or make it possible to return to the old behavior of getting a notification as long as the condition is found.
Context
The new stateful notification is a breaking change.
People used the old way of notification in other ways that we - the developers did not even think of.
Taking https://github.com/Graylog2/graylog-support/issues/9 and this https://community.graylog.org/t/alert-conditions/80 we are facing two possible workflows that we did not see during development.
Additional none of the Testers of Beta or RC Version has such a workflow and could had stopped us.
Your Environment