bdcrandall
commented
11 months ago Data source screenshot showing logical group info
Alert screenshot
Closed bdcrandall closed 10 months ago
bdcrandall
commented
11 months ago Data source screenshot showing logical group info
Alert screenshot
guilhemmarchand
commented
11 months ago Hi @bdcrandall
Thank you for raising to this to our attention, this will be verified promptly.
TrackMe
guilhemmarchand
commented
10 months ago Hi @bdcrandall
We are currently finalizing a migration for TrackMe v2.0.75 to a more robust and enhanced logic for the decision making which is going to address any risk of having these kind of issue.
We believe the issue is somehow a multi-statement issue in your case which cannot happen with this new worklofw.
guilhemmarchand
commented
10 months ago @bdcrandall
We believe this issue cannot happen any longer with the new Decision Maker concept introduced in TrackMe 2.0.75. Please let us know if you stull encounter the same issue once you will have upgraded.
TrackMe
Describe the bug A data source is turning red and causing an alert even though it is part of a logical group with sufficient green members to keep it above the specified threshold.
TrackMe version 2.0.71
To Reproduce I have multiple logical groups and only one that isn't behaving properly so I'm not sure how to precisely reproduce the problem.
Expected behavior The data sources should not turn red or trigger alerts as long as the group has > 50% green members.
Screenshots I have screenshots but I can't seem to upload them to the bug.
Splunk version and deployment: Splunk Cloud Version: 9.0.2303.201 Build: 5480631d4591 Experience: Classic Standalone search head
Additional context Add any other context about the problem here.