From b81522f94b9f6247373dd4249312846f737aa261 Mon Sep 17 00:00:00 2001 From: Thomas Labarussias Date: Fri, 20 Sep 2024 18:40:39 +0200 Subject: [PATCH] use the names of the priorities in the prometheus rules Signed-off-by: Thomas Labarussias --- charts/falcosidekick/CHANGELOG.md | 1 + charts/falcosidekick/templates/prometheusrule.yaml | 10 +++++----- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/charts/falcosidekick/CHANGELOG.md b/charts/falcosidekick/CHANGELOG.md index 67d9f19e..8a6a4e04 100644 --- a/charts/falcosidekick/CHANGELOG.md +++ b/charts/falcosidekick/CHANGELOG.md @@ -11,6 +11,7 @@ Before release 0.1.20, the helm chart can be found in `falcosidekick` [repositor - Add the possibility to override the default redis server settings - Allow to set up a password to use with an external redis - Fix wrong value used for `OTLP_TRACES_PROTOCOL` env var +- Used names for the priorities in the prometheus rules ## 0.8.5 diff --git a/charts/falcosidekick/templates/prometheusrule.yaml b/charts/falcosidekick/templates/prometheusrule.yaml index 6afe287a..2862102a 100644 --- a/charts/falcosidekick/templates/prometheusrule.yaml +++ b/charts/falcosidekick/templates/prometheusrule.yaml @@ -38,7 +38,7 @@ spec: annotations: summary: Falco is experiencing high rate of warning events description: A high rate of warning events are being detected by Falco - expr: rate(falco_events{priority="4"}[{{ .Values.prometheusRules.alerts.warning.rate_interval }}]) > {{ .Values.prometheusRules.alerts.warning.threshold }} + expr: rate(falco_events{priority="Warning"}[{{ .Values.prometheusRules.alerts.warning.rate_interval }}]) > {{ .Values.prometheusRules.alerts.warning.threshold }} for: 15m labels: severity: warning @@ -48,7 +48,7 @@ spec: annotations: summary: Falco is experiencing high rate of error events description: A high rate of error events are being detected by Falco - expr: rate(falco_events{priority="3"}[{{ .Values.prometheusRules.alerts.error.rate_interval }}]) > {{ .Values.prometheusRules.alerts.error.threshold }} + expr: rate(falco_events{priority="Error"}[{{ .Values.prometheusRules.alerts.error.rate_interval }}]) > {{ .Values.prometheusRules.alerts.error.threshold }} for: 15m labels: severity: warning @@ -58,7 +58,7 @@ spec: annotations: summary: Falco is experiencing high rate of critical events description: A high rate of critical events are being detected by Falco - expr: rate(falco_events{priority="2"}[{{ .Values.prometheusRules.alerts.critical.rate_interval }}]) > {{ .Values.prometheusRules.alerts.critical.threshold }} + expr: rate(falco_events{priority="Critical"}[{{ .Values.prometheusRules.alerts.critical.rate_interval }}]) > {{ .Values.prometheusRules.alerts.critical.threshold }} for: 15m labels: severity: critical @@ -68,7 +68,7 @@ spec: annotations: summary: Falco is experiencing high rate of alert events description: A high rate of alert events are being detected by Falco - expr: rate(falco_events{priority="1"}[{{ .Values.prometheusRules.alerts.alert.rate_interval }}]) > {{ .Values.prometheusRules.alerts.alert.threshold }} + expr: rate(falco_events{priority="Alert"}[{{ .Values.prometheusRules.alerts.alert.rate_interval }}]) > {{ .Values.prometheusRules.alerts.alert.threshold }} for: 5m labels: severity: critical @@ -78,7 +78,7 @@ spec: annotations: summary: Falco is experiencing high rate of emergency events description: A high rate of emergency events are being detected by Falco - expr: rate(falco_events{priority="0"}[{{ .Values.prometheusRules.alerts.emergency.rate_interval }}]) > {{ .Values.prometheusRules.alerts.emergency.threshold }} + expr: rate(falco_events{priority="Emergency"}[{{ .Values.prometheusRules.alerts.emergency.rate_interval }}]) > {{ .Values.prometheusRules.alerts.emergency.threshold }} for: 1m labels: severity: critical