This documentation is for WSO2 API Manager 2.5.0 View documentation for the latest release.
Configuring Alerts - API Manager 2.5.0 - WSO2 Documentation

All docs This doc
Provide Feedback
||
Skip to end of metadata
Go to start of metadata

All alerts are configured globally by system administrators. The steps below explain how to change the default parameter values for alerts.

Before you begin, make sure you configure API Manager Analytics so that you can see the alert configurations shown in the screenshots below in the admin portal.

  1. Log into the WSO2 API Manager Admin Portal using the https://localhost:<SERVER_PORT>/admin URL.
  2. Click Settings to expand that section and then click Analytics. This opens the Alert Configurations page as shown below.

    The Status column indicates whether an alert is active or inactive.
  3. If you want to activate a currently inactive alert, click Activate in the relevant row. As a result, the Edit Configuration page opens where you can configure the alert. e.g., if you click Activate for the ConfigureAccessToken alert, the following page opens.
     
  4. If you want to deactivate a currently active alert, click Deactivate in the relevant row and click Yes in the message box that appears to confirm whether you want to deactivate the alert.
  5. If you want to edit an alert, click Edit  for the required alert to open the Edit Configurations page. The parameters you have to configure depends on the alert type you select for this parameter. Click on the relevant tab below to view descriptions for alert-specific parameters.

    Parameter NameDescriptionDefault Value
    Time IntervalThe time intervals at which the request summarization of requests takes place. This value is expressed in seconds. e.g., If the time interval is 20, 20 seconds should elapse after the last request summarization before this operation is repeated.60
    Parameter NameDescriptionDefault Value
    Time IntervalThe time duration for which the number of tier crossings should be calculated.1 day
    Alert Suppression Period in MinutesThe number of minutes to wait after the alert is sent in order to send it again.10
    No of Tier CrossingsThe average number of times a user gets throttled out of the application for reaching its subscribed tier limit. This is calculated for the time interval specified in the Time Interval parameter.10
    Severity LevelThe severity level assigned to the alert. The available levels are as follows.
    • 1: Severe
    • 2: Moderate
    • 3: Mild
    0
    Parameter NameDescriptionDefault Value
    Alert Suppression Period in MinutesThe number of minutes to wait after the alert is sent in order to send it again.10
    Severity LevelThe severity level assigned to the alert. The available levels are as follows.
    • 1: Severe
    • 2: Moderate
    • 3: Mild
    0
    Parameter NameDescriptionDefault Value
    Severity Level of Abnormal Response TimeThe severity level assigned to an alert generated for an abnormal response time. The possible levels are as follows.
    • 1: Severe
    • 2: Moderate
    • 3: Mild
    2
    Severity Level of Abnormal Backend-Response TimeThe severity level assigned to an alert generated for an abnormal response time but he backend. The possible levels are as follows.
    • 1: Severe
    • 2: Moderate
    • 3: Mild
    0
    Parameter NameDescriptionDefault Value
    Regular API TransitionsThe number of API transitions to be considered when calculating the probability value of the current transition. If a value greater than 1 is specified for this parameter, the last API transitions are also considered to determine whether the current transition is an abnormal transition. e.g., If 3 is specified for this parameter, the probability value is the mean of the transition value of the previous two transitions and the current transition.1
    Request CountThe number of requests required from a specific consumer key in order to learn the pattern within the application. Alerts are not generated until the request count reaches this number.500
    Probability ThresholdIf an API transition has a probability value equal to the value calculated as follows, it is considered a suspicious transition and an alert is sent.
    1 - Probability Threshold
    0.95
    Alert Suppression PeriodOnce an alert is generated for a request pattern change, a similar alert is not sent again until the time interval specified for this parameter has passed. This value is expressed in milliseconds.30*60*1000
    Severity LevelThe severity level assigned to the alert. The available levels are as follows.
    • 1: Severe
    • 2: Moderate
    • 3: Mild
    1
    Parameter NameDescriptionDefault Value
     Transition PeriodThe time interval within which the transition by the user should occur. If the time specified for this parameter is exceeded, the transition is considered invalid and an alert is sent.60 min
    Parameter NameDescriptionDefault Value
    Maximum Days Between Last AccessThe maximum number of days that should elapse between two occurrences IP access. Once the number of days specified for this parameter has passed since the IP was last accessed, an alert is sent.30
    Severity LevelThe severity level assigned to the alert. The available levels are as follows.
    • 1: Severe
    • 2: Moderate
    • 3: Mild

    Parameter NameDescriptionDefault Value
    Number of Continuous ResponsesThe number of responses that should fail per minute after the lower percentile value is reached in order to generate an alert. The lower percentile is calculated by the Spark script which runs in the background when WSO2 Analytics - APIM run. This value varies depending on the available data.5
    Number of Continuous Response Time FailsThe time interval in minutes during which responses should continuously fail after the lower percentile value is reached in order to generate an alert. The lower percentile is calculated by the Spark script which runs in the background when WSO2 Analytics - APIM run. This value varies depending on the available data.5
    Time interval(in milliseconds) for API availability status changeThe time interval during which the availability status of the API should be rechecked and updated.300000
    Severity LevelThe severity level assigned to the alert. The available levels are as follows.
    • 1: Severe
    • 2: Moderate
    • 3: Mild
    2
    Parameter NameDescriptionDefault Value
    Lower PercentileThe lower percentile value. If the time interval between two consecutive renewals of an access token is less than this value, the subsequent renewal is identified as an abnormal renewal, and an alert is generated.0.10
    Upper PercentileThe upper percentile value. If the time interval between two consecutive renewals of an access token is more than this value, the subsequent renewal is identified as an abnormal renewal, and an alert is generated.0.95
    Parameter NameDescriptionDefault Value
    PercentileThe percentile value to calculate the threshold.0.05
    Alert Start DateThe starting date from which the alert should be activated.The current date is default.
    Days Considered for Percentile CalculationThe number of days before the Alert Start Date that should be considered for the percentile calculation. e.g., If the Alert Start Date is 01/12/2017, and the Days Considered for Percentile Calculation is 30, the time period 01/11/2017 - 30/11/2017 is considered when calculating the percentile.30
    Days Considered for Abnormal Tier Availability CalculationThe number of days before the Alert Start Date that should be considered for the abnormal tier availability calculation. e.g., If the Alert Start Date is 01/12/2017, and the Days Considered for Abnormal Tier Availability Calculation is 30, the time period 01/11/2017 - 30/11/2017 is considered when calculating the abnormal tier availability.5
    Severity LevelThe severity level assigned to the alert. The available levels are as follows.
    • 1: Severe
    • 2: Moderate
    • 3: Mild
    2
    Parameter NameDescriptionDefault Value
    Lower PercentileIf the number of requests received by an application within a minute is less than this percentile value, it is identified as an abnormal request count and an alert is sent.0.05
    Parameter NameDescriptionDefault Value
    Upper PercentileThe upper percentile value used to calculate the number of requests per minute.0.98
    Lower PercentileThe lower percentile value used to calculate the number of requests per minute.0.05
    Parameter NameDescriptionDefault Value
    Lower PercentileThe lower percentile value used to calculate the number of requests per minute for each API.0.05
    Parameter NameDescriptionDefault Value
    Upper PercentileThe upper percentile value to calculate the response time0.95
    Parameter NameDescriptionDefault Value
    Upper Percentile Response TimeIf the time duration taken by the API to respond is greater than this percentile value, it indicates that the API is slow to respond and an alert is sent.0.95
    Upper Percentile Backend TimeIf the time duration taken by the backend to respond is greater than this percentile value, it indicates that the backend is slow to respond and an alert is sent.0.95
  6. Edit the email address, username, password and other relevant properties in the <APIM-ANALYTICS_HOME>/repository/conf/output-event-adapters.xml file, to point the mail transport sender that is enabled by default in the product to a valid SMTP configuration as shown in the example below. 

    <adapterConfig type="email">    
    	<property key="mail.smtp.from">email-address</property>
        <property key="mail.smtp.user">user-name</property>
        <property key="mail.smtp.password">password</property>
        <property key="mail.smtp.host">smtp.gmail.com</property>
        <property key="mail.smtp.port">587</property>
        <property key="mail.smtp.starttls.enable">true</property>
        <property key="mail.smtp.auth">true</property>
        <!-- Thread Pool Related Properties -->
        <property key="maxThread">100</property>
        <property key="keepAliveTimeInMillis">20000</property>
        <property key="jobQueueSize">10000</property>
    </adapterConfig>

    In gmail account security settings you may have to enable the Allow less secure apps option in order to connect the account to WSO2 products.

  • No labels