High Volume of Events - Google

Follow

JP Obando

• October 11, 2021 14:55

Is there a way to have Sumo alert us if there's a large number of events within Google (or any integration for that matter?)

Context: We had ~ 3K users title changed by our IdP incorrectly and in retrospect, if we had a way to have been told that "X" amount of "the same events" have been triggered we could have caught it sooner

 

Thanks!

0

• 

  Shobhit Garg

  • October 19, 2021 06:12

  Hi JP,

  You can actually write a scheduled search and then depending on the condition that you want to monitor you can setup and alert generation condition. And send the alert to email ids or webhook or service now.

  The main logic will be in the search query, where you need decide at what factor you want to generate an alert. In broader terms, lets say you want to monitor 502 error http code. If the occurrence of this error code is greater than 1000 in last 15 minutes, I should be alerted over email.

  Please read below for more information

  https://help.sumologic.com/Visualizations-and-Alerts/Alerts/Scheduled-Searches/Create_an_Email_Alert

   

  You can also create monitors

  https://help.sumologic.com/Visualizations-and-Alerts/Alerts/Monitors

   

  Regards

  0

  Comment actions Permalink

Please sign in to leave a comment.