Create¶
POST /api/v1/checker/add
Overview¶
Create a monitor
Body Request Parameters¶
| Parameter Name | Type | Required | Description |
|---|---|---|---|
| type | string | Monitor type, default trigger, trigger: regular monitor, smartMonitor for intelligent monitor Allow empty: False Example: smartMonitor |
|
| status | integer | Monitor status field, 0 enabled status, 2 disabled status, default enabled status, (added in 2025-02-19 iteration) Allow empty: False Allowed values: [0, 2] |
|
| extend | json | Additional information (Incident related fields and some fields used for frontend display) Allow empty: True |
|
| alertPolicyUUIDs | array | Alert policy UUID Allow empty: False |
|
| dashboardUUID | string | Associated dashboard id Allow empty: False |
|
| tags | array | Tag names used for filtering Allow empty: False Example: ['xx', 'yy'] |
|
| secret | string | Unique identifier secret for the middle segment of the Webhook address (generally a random uuid, ensuring uniqueness within the workspace) Allow empty: False Example: secret_xxxxx |
|
| jsonScript | json | Rule configuration Allow empty: False |
|
| jsonScript.targetWorkspaceUUID | string | Target workspace, cross-workspace query, only supports threshold detection type (added in 2025-08-13 iteration) Allow empty: False Allow empty string: False |
|
| jsonScript.targetWorkspaceUUIDs | array | Multiple target workspaces, cross-workspace query, only supports threshold detection type (added in 2025-11-12 iteration) Allow empty: False Allow empty string: False |
|
| jsonScript.type | string | Y | Check method type Example: simpleCheck Allow empty: False |
| jsonScript.windowDql | string | window dql Allow empty: False |
|
| jsonScript.title | string | Y | Generated event title Example: Monitor: {monitor_name} Checker:{monitor_checker_name} Triggered value:{M1} Allow empty: False Allow empty string: True Max length: 256 |
| jsonScript.message | string | event content Example: status: {status}, title: {title} Allow empty: False Allow empty string: True |
|
| jsonScript.recoverTitle | string | Output recovery event title template Example: Monitor: {monitor_name} Checker:{monitor_checker_name} Triggered value:{M1} Allow empty: False Allow empty string: True |
|
| jsonScript.recoverMessage | string | Output recovery event message template Example: status: {status}, title: {title} Allow empty: False Allow empty string: True |
|
| jsonScript.noDataTitle | string | Output no data event title template Example: Monitor: {monitor_name} Checker:{monitor_checker_name} Triggered value:{M1} Allow empty: False Allow empty string: True |
|
| jsonScript.noDataMessage | string | Output no data event message template Example: status: {status}, title: {title} Allow empty: False Allow empty string: True |
|
| jsonScript.openNotificationMessage | boolean | Whether to enable event notification content, default disabled (using event content as notification content) Example: False Allow empty: False |
|
| jsonScript.notificationMessage | string | Event notification content Example: Monitor: {monitor_name} Checker:{monitor_checker_name} Triggered value:{M1} Allow empty: False Allow empty string: True |
|
| jsonScript.openNoDataNotificationMessage | boolean | Whether to enable no data event notification content, default disabled (using no data event content as notification content) Example: False Allow empty: False |
|
| jsonScript.noDataNotificationMessage | string | No data event notification content Example: status: {status}, title: {title} Allow empty: False Allow empty string: True |
|
| jsonScript.noDataRecoverTitle | string | Output no data recovery upload event title template Example: Monitor: {monitor_name} Checker:{monitor_checker_name} Triggered value:{M1} Allow empty: False Allow empty string: True |
|
| jsonScript.noDataRecoverMessage | string | Output no data recovery upload event message template Example: status: {status}, title: {title} Allow empty: False Allow empty string: True |
|
| jsonScript.every | string | Check frequency Example: 1m Allow empty: False |
|
| jsonScript.customCrontab | string | Custom detection frequency Example: 0 */12 * * * Allow empty: False |
|
| jsonScript.interval | integer | Query interval, i.e., the time range difference for one query Example: 60 Allow empty: False |
|
| jsonScript.range | integer | Range parameter for advanced detection, mutation detection, unit s Example: 3600 Allow empty: False |
|
| jsonScript.range_2 | integer | range_2 parameter for advanced detection, mutation detection, unit s, special note (-1 represents chain ratio, 0 represents using periodBefore field) Example: 600 Allow empty: False |
|
| jsonScript.periodBefore | integer | (Yesterday/one hour ago) parameter for advanced detection, mutation detection, unit s Example: 600 Allow empty: False |
|
| jsonScript.recoverNeedPeriodCount | integer | Specify the number of check periods after which an anomaly generates a recovery event. If the detection frequency is customCrontab, this field represents the time length, unit s, otherwise, it represents the number of detection frequencies. Example: 60 Allow empty: False |
|
| jsonScript.noDataInterval | integer | Time period without data to generate a no data event Example: 60 Allow empty: False |
|
| jsonScript.noDataAction | string | No data processing operation Allow empty: False Allowed values: ['none', 'checkAs0', 'noDataEvent', 'criticalEvent', 'errorEvent', 'warningEvent', 'okEvent', 'noData', 'recover'] |
|
| jsonScript.checkFuncs | array | Check function information list Example: [{'funcId': 'xxx', 'kwargs': {}}] Allow empty: False |
|
| jsonScript.groupBy | array | Trigger dimension Example: ['Gender'] Allow empty: False |
|
| jsonScript.targets | array | Check target Example: [{'dql': 'M:: Soldier Info:(AVG(Potential Value)) [::auto] by Gender', 'alias': 'M1'}] Allow empty: False |
|
| jsonScript.checkerOpt | json | Check condition settings Allow empty: False |
|
| jsonScript.checkerOpt.disableLargeScaleEventProtect | boolean | Whether to disable large-scale event protection, default false Example: True |
|
| jsonScript.checkerOpt.script | string | Script content for programmable monitor Allow empty: False Allow empty string: True |
|
| jsonScript.checkerOpt.rules | array | Trigger condition list Example: [{'status': 'warning', 'conditions': [{'operands': [60], 'operator': '>', 'alias': 'M1'}], 'conditionLogic': 'and', 'matchTimes': 10}] Allow empty: False |
|
| jsonScript.checkerOpt.openOkConditions | boolean | Enable hierarchical recovery, default disabled false Example: True |
|
| jsonScript.checkerOpt.openMatchTimes | boolean | Enable continuous trigger judgment, default disabled false Example: True |
|
| jsonScript.checkerOpt.infoEvent | boolean | Whether to generate info event during continuous normal state, default false Example: True |
|
| jsonScript.checkerOpt.diffMode | string | Difference mode for mutation detection in advanced detection, enum value, value, percent Example: value Allowed values: ['value', 'percent'] |
|
| jsonScript.checkerOpt.direction | string | Trigger condition direction for mutation detection, interval detection in advanced detection Example: up Allowed values: ['up', 'down', 'both'] |
|
| jsonScript.checkerOpt.eps | float | Distance parameter, value range: 0 ~ 3.0 Example: 0.5 |
|
| jsonScript.checkerOpt.threshold | json | Trigger prerequisite condition settings for mutation detection Allow empty: False |
|
| jsonScript.checkerOpt.threshold.status | boolean | Y | Mutation detection, whether the trigger prerequisite condition is enabled, Example: True |
| jsonScript.checkerOpt.threshold.operator | string | Y | Mutation detection, trigger prerequisite condition operator Example: |
| jsonScript.checkerOpt.threshold.value | float | Y | Mutation detection, trigger prerequisite condition detection value Example: 90 Allow empty: True |
| jsonScript.checkerOpt.combineExpr | string | Combined monitor, combination method Example: A && B Allow empty string: False |
|
| jsonScript.checkerOpt.ignoreNodata | boolean | Combined monitor, whether to ignore no data results (true means need to ignore), Example: True |
|
| jsonScript.checkerOpt.confidenceInterval | integer | New parameter for interval detection V2, confidence interval range value 1-100, Example: 10 |
|
| jsonScript.channels | array | Channel UUID list Example: ['Name1', 'Name2'] Allow empty: False |
|
| jsonScript.atAccounts | array | List of account UUIDs to be @ during normal detection Example: ['xx1', 'xx2'] Allow empty: False |
|
| jsonScript.atNoDataAccounts | array | List of account UUIDs to be @ during no data situation Example: ['xx1', 'xx2'] Allow empty: False |
|
| jsonScript.subUri | string | Represents the address suffix of the Webhook address (optionally set according to user business side requirements, no special restrictions) Example: datakit/push Allow empty: False |
|
| jsonScript.disableCheckEndTime | boolean | Whether to disable end time restriction Example: True Allow empty: False |
|
| jsonScript.eventChartEnable | boolean | Whether to enable event chart, default disabled (note: only effective when the main storage engine logging is doris) Example: False Allow empty: False |
|
| jsonScript.eventCharts | array | Event chart list Example: True Allow empty: False |
|
| jsonScript.eventCharts[*] | None | ||
| jsonScript.eventCharts[*].dql | string | Query statement for event chart Example: M:: cpu:(avg(load5s)) BY host Allow empty: False |
|
| openPermissionSet | boolean | Enable custom permission configuration, (default false: not enabled), after enabling, the operation permissions for this rule are based on permissionSet Allow empty: False |
|
| permissionSet | array | Operation permission configuration, configurable (role (except owner), member uuid, team uuid) Example: ['wsAdmin', 'acnt_xxxx', 'group_yyyy'] Allow empty: False |
Parameter Supplementary Explanation¶
Data description.
jsonScript parameter description
1. Check type jsonScript.type description
| key | Description |
|---|---|
| simpleCheck | Threshold detection |
| seniorMutationsCheck | Mutation detection |
| seniorRangeCheck | Interval detection |
| seniorRangeV2Check | Interval detection V2 |
| outlierCheck | Outlier detection |
| loggingCheck | Log detection |
| processCheck | Process anomaly detection |
| objectSurvivalCheck | Infrastructure survival detection |
| objectSurvivalV2Check | Infrastructure survival detection V2, only supports doris workspace |
| objectChangeCheck | Infrastructure change detection |
| apmCheck | APM indicator detection |
| rumCheck | RUM indicator detection |
| securityCheck | Security Check anomaly detection |
| cloudDialCheck | Synthetic Testing Anomaly Detection |
| networkCheck | Network data detection |
| OuterEventChecker | External event detection |
| smartHostCheck | Intelligent monitor, host intelligent detection |
| smartLogCheck | Intelligent monitor, log intelligent detection |
| smartApmCheck | Intelligent monitor, application intelligent detection |
| smartRumCheck | Intelligent monitor, user access intelligent detection |
| smartKubeCheck | Intelligent monitor, Kubernetes intelligent detection |
| smartCloudBillingCheck | Intelligent monitor, cloud billing intelligent detection |
| combinedCheck | Combined monitor |
| programmableCheck | Programmable monitor |
2. Description of decommissioned check types jsonScript.type
| key | Description |
|---|---|
| seniorCheck | Advanced check, decommissioned |
| mutationsCheck | Mutation check, decommissioned, updated to seniorMutationsCheck |
| waterLevelCheck | Water level check, decommissioned |
| rangeCheck | Interval check, decommissioned, updated to seniorRangeCheck |
3. **Trigger condition comparison operator description (parameter description in checkerOpt.rules)
| Parameter Name | type | Required | Description |
|---|---|---|---|
| conditions | Array[Dict] | Required | Conditions |
| conditions[#].alias | String | Required | Detection object alias, i.e., the above targets[#].alias |
| conditions[#].operator | String | Required | Operator. = , > , < , etc. |
| conditions[#].operands | Array[Any] | Required | Operand array. (Operators like between, in require multiple operands) |
| conditionLogic | string | Required | Logic between conditions. and , or |
| status | string | Required | Event status output when conditions are met. Values are the same as event status |
| direction | string | 【Interval/Water level/Mutation parameter】Detection direction, values: "up", "down", "both" | |
| periodNum | integer | 【Interval/Water level/Mutation parameter】Only detect the number of recent data points | |
| checkPercent | integer | 【Interval parameter】 Anomaly percentage threshold, value: 1 ~ 100 | |
| checkCount | integer | 【Water level/Mutation parameter】Number of consecutive anomaly points | |
| strength | integer | 【Water level/Mutation parameter】Detection strength, values: 1=weak, 2=medium, 3=strong | |
| matchTimes | integer | Number of times for continuous trigger configuration when checkerOpt.openMatchTimes is enabled [1,10] | |
| okConditions | Array[Dict] | Recovery conditions | |
| okConditions[#].alias | String | Detection object alias, i.e., the above targets[#].alias | |
| okConditions[#].operator | String | Operator. = , > , < , etc. | |
| okConditions[#].operands | Array[Any] | Operand array. (Operators like between, in require multiple operands) |
4.Simple/Log/Water level/Mutation/Interval check jsonScript.type in (simpleCheck, loggingCheck, waterLevelCheck, mutationsCheck, rangeCheck, securityCheck) parameter information
| Parameter Name | type | Required | Description |
|---|---|---|---|
| title | string | Y | Output fault event title template |
| message | string | N | Output fault event message template |
| recoverTitle | string | N | Output recovery event title template |
| recoverMessage | string | N | Output recovery event message template |
| noDataTitle | string | N | Output no data event title template |
| noDataMessage | string | N | Output no data event message template |
| noDataRecoverTitle | string | N | Output no data recovery upload event title template |
| noDataRecoverMessage | string | N | Output no data recovery upload event message template |
| openNotificationMessage | boolean | N | Whether to enable event notification content |
| notificationMessage | string | N | Event notification content |
| openNoDataNotificationMessage | string | N | Whether to enable no data event notification content |
| noDataNotificationMessage | string | N | No data event notification content |
| name | string | Y | Rule name |
| type | string | Y | Rule type |
| every | string | Y | Check frequency, unit is (1m/1h/1d) |
| customCrontab | string | N | Custom check frequency crontab |
| interval | integer | Y | Data time range difference, i.e., time_range difference, unit: seconds |
| recoverNeedPeriodCount | integer | Y | Generate recovery event after exceeding the specified number of check periods. If the detection frequency is customCrontab, this field represents the time length, unit s, otherwise, it represents the number of detection frequencies. |
| noDataInterval | integer | N | Time period without data to generate a no data event |
| noDataAction | string | N | No data processing operation |
| targets | array | Y | Check target list in simple check |
| targets[*].dql | string | Y | DQL query statement |
| targets[*].alias | string | Y | Alias |
| targets[*].monitorCheckerId | string | Y | Combined monitor, monitor ID (rul_xxxxx) |
| checkerOpt | json | N | Check configuration, optional |
| checkerOpt.rules | array | Y | Check rule list |
| checkerOpt.openMatchTimes | boolean | N | Whether to enable continuous trigger judgment, default disabled false |
| checkerOpt.openOkConditions | boolean | N | Enable recovery condition configuration, default disabled false |
| checkerOpt.disableLargeScaleEventProtect | boolean | N | Whether to disable large-scale event protection, default false |
5. jsonScript.noDataAction parameter information
| Parameter Name | Description |
|---|---|
| none | No action (same as [Turn off no data related processing]) |
| checkAs0 | Query result is treated as 0 |
| noDataEvent | Trigger recovery event(noData) |
| criticalEvent | Trigger critical event(crtical) |
| errorEvent | Trigger error event(error) |
| warningEvent | Trigger warning event(warning) |
| okEvent | Trigger recovery event(ok) |
| noData | Generate no data event, this parameter was decommissioned on 2024-04-10, its function logic is equivalent to noDataEvent, can be directly replaced with noDataEvent |
| recover | Trigger recovery event, this parameter was decommissioned on 2024-04-10, its function logic is equivalent to okEvent, can be directly replaced with okEvent |
6. Advanced check jsonScript.type in (seniorCheck) parameter information
| Parameter Name | type | Required | Description |
|---|---|---|---|
| title | string | Y | Output fault event title template |
| message | string | N | Output fault event message template |
| recoverTitle | string | N | Output recovery event title template |
| recoverMessage | string | N | Output recovery event message template |
| noDataTitle | string | N | Output no data event title template |
| noDataMessage | string | N | Output no data event message template |
| noDataRecoverTitle | string | N | Output no data recovery upload event title template |
| noDataRecoverMessage | string | N | Output no data recovery upload event message template |
| type | string | Y | Rule type |
| every | string | Y | Check frequency, unit is (1m/1h/1d) |
| customCrontab | string | N | Custom check frequency crontab |
| checkFuncs | array | Y | Advanced check function list, note it has only one element |
| checkFuncs[#].funcId | string | Y | Function ID, can be obtained through the 【External function】List interface, get the custom check function list with funcTags=monitorType|custom |
| checkFuncs[#].kwargs | json | N | Parameter data required by this advanced function |
7. Mutation check seniorMutationsCheck parameter description
| Parameter Name | type | Required | Description |
|---|---|---|---|
| jsonScript.range | integer | N | Result time period 1 for detection indicator |
| jsonScript.range_2 | integer | N | Result time period 2 for detection indicator, special note: (-1 represents chain ratio, 0 represents using periodBefore field) |
| jsonScript.periodBefore | integer | N | When jsonScript.range_2 is 0, this field represents (yesterday/one hour ago) |
| jsonScript.checkerOpt.diffMode | string | N | Difference mode for mutation detection (difference: value, difference percentage: percent |
| jsonScript.checkerOpt.threshold.status | boolean | N | Trigger prerequisite condition settings for mutation detection, enable/disable |
| jsonScript.checkerOpt.threshold.operator | string | N | Trigger prerequisite condition settings for mutation detection, operator |
| jsonScript.checkerOpt.threshold.value | float | N | Trigger prerequisite condition settings for mutation detection, detection value |
8. Combined monitor related field parameter description
| Parameter Name | type | Required | Description |
|---|---|---|---|
| jsonScript.checkerOpt.combineExpr | string | Y | Combination method, e.g.: A && B |
| jsonScript.checkerOpt.ignoreNodata | boolean | N | Whether to ignore no data results (true means need to ignore) |
9. External event detection jsonScript.type in (OuterEventChecker) related field parameter description
| Parameter Name | type | Required | Description |
|---|---|---|---|
| secret | string | Y | A random string of any length, unique within the workspace, used to identify the monitor to which the event belongs. |
| jsonScript.subUri | string | Represents the address suffix of the Webhook address (optionally set according to user business side requirements, no special restrictions) |
10. Field disableCheckEndTime description
The processing logic for reported data Guance includes two modes: append write and update overwrite. According to the characteristics of these two types of data, monitoring needs to be treated differently. This difference applies to all modules including monitors, intelligent monitors, and intelligent inspections. When configuring monitor detection for all data types with the update overwrite mechanism, to avoid data escaping within a fixed time range due to the monitor execution delay of 1 minute, the detection interval for such monitor types does not specify an end time. Involved monitor types: threshold detection, mutation detection, interval detection, outlier detection, process anomaly detection, infrastructure survival detection, RUM indicator detection (specific indicators, see table below)
| Data Type | Namespace | Write Mode |
|---|---|---|
| Metrics | M | Append |
| Events | E | Append |
| Unrecovered Events | UE | Overwrite |
| Infrastructure-Objects | O | Overwrite |
| Infrastructure-Custom Objects | CO | Overwrite |
| Infrastructure-Object History | OH | Append |
| Infrastructure-Custom Object History | COH | Append |
| Logs / Synthetic Tests / CI Visualization | L | Append |
| APM-Traces | T | Append |
| APM-Profile | P | Append |
| RUM-Session | R::session | Overwrite |
| RUM-View | R::view | Overwrite |
| RUM-Resource | R::resource | Append |
| RUM-Long Task | R::long_task | Append |
| RUM-Action | R::action | Append |
| RUM-Error | R::error | Append |
| Security Check | S |
All write modes that are Overwrite require disableCheckEndTime to be set to true
11. Interval detection V2 version related parameter field description
| Parameter Name | type | Required | Description |
|---|---|---|---|
| jsonScript.checkerOpt.confidenceInterval | integer | Y | Confidence interval range, value 1-100% |
12. Monitor operation permission configuration parameter description
| Parameter Name | type | Description |
|---|---|---|
| openPermissionSet | boolean | Whether to enable custom permission configuration, default false |
| permissionSet | array | Operation permission configuration |
**permissionSet, openPermissionSet field description (added in 2024-06-26 iteration): ** After configuring openPermissionSet to enable, only the workspace owner and roles, teams, members belonging to the permissionSet configuration can perform edit/enable/disable/delete operations. After configuring openPermissionSet to disable (default), the delete/enable/disable/edit permissions follow the original interface edit/enable/disable/delete permissions.
The permissionSet field can be configured with role UUID(wsAdmin,general, readOnly, role_xxxxx ), team UUID(group_yyyy), member UUID(acnt_xxx) permissionSet field example:
13. Associated Incident configuration description
| Parameter Name | type | Description |
|---|---|---|
| extend.isNeedCreateIssue | boolean | Whether to associate Incident, default not associated |
| extend.issueDfStatus | array | Optional 4 types (critical, error, warning, nodata). When issueDfStatus exists: Issues are created only when the event df_status generated by the monitor is within issueDfStatus. If issueDfStatus does not exist, Issues are created for all. |
| extend.issueLevelUUID | string | Issue level UUID |
| extend.manager | array | Responsible person information (email/workspace member/team) when creating Issue, example: ["xxx@guance.com","acnt_yyyy", "group_"] |
| extend.needRecoverIssue | boolean | Whether event recovery needs to synchronously close the issue, default false |
| jsonScript.channels | string | When isNeedCreateIssue is true, this field is required. Issue channel information, example: ["chan_xxx", "chan_yyy"] |
Request Example¶
curl 'https://openapi.guance.com/api/v1/checker/add' \
-H 'DF-API-KEY: <DF-API-KEY>' \
-H 'Content-Type: application/json;charset=UTF-8' \
--data-raw '{"extend":{"funcName":"","isNeedCreateIssue":false,"issueLevelUUID":"","needRecoverIssue":false,"querylist":[{"datasource":"dataflux","qtype":"dql","query":{"alias":"","code":"Result","dataSource":"ssh","field":"ssh_check","fieldFunc":"count","fieldType":"float","funcList":[],"groupBy":["host"],"groupByTime":"","namespace":"metric","q":"M::`ssh`:(count(`ssh_check`)) BY `host`","type":"simple"},"uuid":"aada629a-672e-46f9-9503-8fd61065c382"}],"rules":[{"conditionLogic":"and","conditions":[{"alias":"Result","operands":["90"],"operator":">="}],"status":"critical"},{"conditionLogic":"and","conditions":[{"alias":"Result","operands":["0"],"operator":">="}],"status":"error"}]},"jsonScript":{"atAccounts":[],"atNoDataAccounts":[],"channels":[],"checkerOpt":{"infoEvent":false,"rules":[{"conditionLogic":"and","conditions":[{"alias":"Result","operands":["90"],"operator":">="}],"status":"critical"},{"conditionLogic":"and","conditions":[{"alias":"Result","operands":["0"],"operator":">="}],"status":"error"}]},"disableCheckEndTime":false,"every":"1m","groupBy":["host"],"interval":300,"message":">Level:{status} \n>Host:{host} \n>Content:Host SSH Status {{ Result | to_fixed(2) }}% \n>Suggestion:Check Host SSH Service Status","noDataMessage":"","noDataTitle":"","recoverNeedPeriodCount":2,"targets":[{"alias":"Result","dql":"M::`ssh`:(count(`ssh_check`)) BY `host`","qtype":"dql"}],"title":"Host {{ host }} SSH Service Exception-Add Alert Policy","type":"simpleCheck"},"alertPolicyUUIDs":["altpl_xxxx32","altpl_xxxx32"]}' \
--compressed
Response¶
{
"code": 200,
"content": {
"alertPolicyUUIDs": [
"altpl_xxxx32",
"altpl_xxxx32"
],
"createAt": 1710831393,
"createdWay": "manual",
"creator": "wsak_xxxx",
"crontabInfo": {
"crontab": "*/1 * * * *",
"id": "cron-2n8ZyrMWKXB8"
},
"declaration": {
"b": [
"asfawfgajfasfafgafwba",
"asfgahjfaf"
],
"business": "aaa",
"organization": "64fe7b4062f74d0007b46676"
},
"deleteAt": -1,
"extend": {
"funcName": "",
"isNeedCreateIssue": false,
"issueLevelUUID": "",
"needRecoverIssue": false,
"querylist": [
{
"datasource": "dataflux",
"qtype": "dql",
"query": {
"alias": "",
"code": "Result",
"dataSource": "ssh",
"field": "ssh_check",
"fieldFunc": "count",
"fieldType": "float",
"funcList": [],
"groupBy": [
"host"
],
"groupByTime": "",
"namespace": "metric",
"q": "M::`ssh`:(count(`ssh_check`)) BY `host`",
"type": "simple"
},
"uuid": "aada629a-672e-46f9-9503-8fd61065c382"
}
],
"rules": [
{
"conditionLogic": "and",
"conditions": [
{
"alias": "Result",
"operands": [
"90"
],
"operator": ">="
}
],
"status": "critical"
},
{
"conditionLogic": "and",
"conditions": [
{
"alias": "Result",
"operands": [
"0"
],
"operator": ">="
}
],
"status": "error"
}
]
},
"id": null,
"isLocked": false,
"jsonScript": {
"atAccounts": [],
"atNoDataAccounts": [],
"channels": [],
"checkerOpt": {
"infoEvent": false,
"rules": [
{
"conditionLogic": "and",
"conditions": [
{
"alias": "Result",
"operands": [
"90"
],
"operator": ">="
}
],
"status": "critical"
},
{
"conditionLogic": "and",
"conditions": [
{
"alias": "Result",
"operands": [
"0"
],
"operator": ">="
}
],
"status": "error"
}
]
},
"disableCheckEndTime": false,
"every": "1m",
"groupBy": [
"host"
],
"interval": 300,
"message": ">Level:{status} \n>Host:{host} \n>Content:Host SSH Status {{ Result | to_fixed(2) }}% \n>Suggestion:Check Host SSH Service Status",
"name": "Host {{ host }} SSH Service Exception-Add Alert Policy",
"noDataMessage": "",
"noDataTitle": "",
"recoverNeedPeriodCount": 2,
"targets": [
{
"alias": "Result",
"dql": "M::`ssh`:(count(`ssh_check`)) BY `host`",
"qtype": "dql"
}
],
"title": "Host {{ host }} SSH Service Exception-Add Alert Policy",
"type": "simpleCheck"
},
"monitorName": "default",
"monitorUUID": "monitor_xxxx32",
"refKey": "",
"secret": "",
"status": 0,
"tagInfo": [],
"type": "trigger",
"updateAt": null,
"updator": null,
"uuid": "rul_xxxx32",
"workspaceUUID": "wksp_xxxx32"
},
"errorCode": "",
"message": "",
"success": true,
"traceId": "TRACE-014A6CF1-E9D8-4EA7-9527-D3C39CC3A94A"
}