Hello,
We're monitoring some custom numeric data, configured through UserParameters.
The custom data represents the number of api calls that has been used by a certain customer.
We would like to monitor the data, and get notified if some client has unusually high or low usage, compared to 'previous normal usage'.
For this we defined a UserParameter script in the Zabbix agent which can collect the usage data:
In the Zabbix template ApiCalls, which we attach to the customers API server, we define an item with key:
This data is collected as expected, and on this we would like to do anomaly detection.
Since the numeric data is always incrementing, we cannot use trend functions directly (we suppose).
We were thinking about creating a Calculated Item first based on the apicalls item, which represents the change between the current and previous value.
As key we use:
As formula we use:
This gets item gets created, but on a host with the template configured, we see the item is not supported with the message:
We use the same notation for some triggers on other custom_data entries, which works fine.
We would like to use trendstl or similar to detect anomalies in the usage data.
Our questions for you:
- how can we calculate the change of a custom item (including a macro and another parameter as input to UserParameter)?
- how do we monitor trends of always rising counters (do we need to calculate change first, or is there another way)?
kind regards
We're monitoring some custom numeric data, configured through UserParameters.
The custom data represents the number of api calls that has been used by a certain customer.
We would like to monitor the data, and get notified if some client has unusually high or low usage, compared to 'previous normal usage'.
For this we defined a UserParameter script in the Zabbix agent which can collect the usage data:
Code:
UserParameter=custom_data[*],"./custom_data.sh $1 $2"
Code:
custom_data[{$SOME_MACRO},api_calls]
Since the numeric data is always incrementing, we cannot use trend functions directly (we suppose).
We were thinking about creating a Calculated Item first based on the apicalls item, which represents the change between the current and previous value.
As key we use:
Code:
custom_data[{$SOME_MACRO},api_calls_diff]
Code:
change(/ApiCalls/custom_data[{$SOME_MACRO},api_calls])
Code:
Cannot evaluate function: item "/ApiCalls/custom_data[{$SOME_MACRO},api_calls]" does not exist at "change(/ApiCalls/custom_data[{$SOME_MACRO},api_calls])".
We would like to use trendstl or similar to detect anomalies in the usage data.
Our questions for you:
- how can we calculate the change of a custom item (including a macro and another parameter as input to UserParameter)?
- how do we monitor trends of always rising counters (do we need to calculate change first, or is there another way)?
kind regards
Comment