Archived community.zenoss.org | full text search
Skip navigation
Up to Discussions in zenoss-users
1 2 Previous Next 130601 Views 27 Replies Latest reply: Aug 20, 2012 9:54 AM by Ryan Matte RSS
that1guy15 Rank: White Belt
that1guy15
48 posts since
Sep 18, 2009
Currently Being Moderated

Feb 2, 2010 1:12 PM

Move Events to History every hour

Hey all,

 

I have a large number of events that come into Zenoss via traps. These logs are constant throughout the day/week. The events are properly being de-dupped for each server. My problem is i am only concerned with looking at the past hours events. I would like any event older than an hour to be sent to the history. But since each event comes in at least 4 -5 an hour, the event never ages since it is de-dupped and combined with old events.Thus the event never goes to history unless i manually send it.

 

Im not seeing an option under the Event Manager to force events to history.

 

Any help would be great thanks!

 

That1guy15

Tags: events, history, aging
  • Matt Ray Rank: Zen Master
    Matt Ray
    2,484 posts since
    Apr 5, 2008
    Currently Being Moderated
    1. Feb 2, 2010 2:19 PM (in response to that1guy15)
    Re: Move Events to History every hour

    You could reduce the "Event Aging Threshold (hours)" on the Event Manager tab.  This would affect all events though.

     

    Thanks,

    Matt Ray

    Zenoss Community Manager

    community.zenoss.org

    mray@zenoss.com

  • that1guy15 Rank: White Belt
    that1guy15
    48 posts since
    Sep 18, 2009
    Currently Being Moderated
    2. Feb 2, 2010 2:32 PM (in response to Matt Ray)
    Re: Move Events to History every hour

    Thanks for the quick reply!

     

    That was my first thought... The problem is the events keep coming in and gets added to the existing de-dupped event so an event never ages.

     

    Basically the count on each event keeps going up every 15 or 20 minutes or so the events never age.

     

    Does this make sense?

     

    Im trying to force all events to the history every hour.

     

    Once again thanks!

  • mwcotton Rank: Brown Belt
    mwcotton
    563 posts since
    Apr 23, 2008
    Currently Being Moderated
    3. Feb 2, 2010 8:13 PM (in response to that1guy15)
    Re: Move Events to History every hour

    I believe your going to have to do this outside of zenoss, connecting to the mysql events database. The schema is very straightforward.

  • Ryan Matte ZenossMaster
    Ryan Matte
    653 posts since
    Mar 26, 2009
    Currently Being Moderated
    4. Feb 2, 2010 9:00 PM (in response to mwcotton)
    Re: Move Events to History every hour

    No need to touch MySQL directly.

     

    What he wants to do can be done with a simple python script setup as an hourly crontab job.

     

    Here's the code to clear the active event console:

     

    #!/usr/bin/env python
import Globals
from Products.ZenUtils.ZenScriptBase import ZenScriptBase
from transaction import commit

dmd = ZenScriptBase(connect=True).dmd

for e in dmd.ZenEventManager.getEventList([], "", "lastTime ASC, firstTime ASC"):
    dmd.ZenEventManager.manage_deleteEvents(e.evid)

     

    Save that as a .py, and setup a crontab job to execute the script every hour (under the zenoss user account).

     

    Cheers.

  • that1guy15 Rank: White Belt
    that1guy15
    48 posts since
    Sep 18, 2009
    Currently Being Moderated
    5. Feb 3, 2010 12:57 PM (in response to Ryan Matte)
    Re: Move Events to History every hour

    Thanks Ryan!

     

    I have two concerns with pulling the events via a script out of the dataase.

     

    1) will the details and other events related tables be cleared too?

     

    2) i dont want to fully remove the events form the database I just want to shift them over to the history. Also im guessing I can get more detailed and move just events with a specific severity?

     

    Thanks for the help!

     

    That1guy15

  • Ryan Matte ZenossMaster
    Ryan Matte
    653 posts since
    Mar 26, 2009
    Currently Being Moderated
    6. Feb 3, 2010 3:13 PM (in response to that1guy15)
    Re: Move Events to History every hour

    1. No event details data will be lost at all, it will be as though you selected all events and did move to history by hand.

     

    2. The function is misleading, I know it says deleteEvents but what it will actually do is simply move the events from the active event console to history.  No events will be removed from the MySQL database at all.

  • mwcotton Rank: Brown Belt
    mwcotton
    563 posts since
    Apr 23, 2008
    Currently Being Moderated
    7. Feb 3, 2010 5:14 PM (in response to Ryan Matte)
    Re: Move Events to History every hour

    Woohoo! Thats even cooler!!!!

    I will be stealing that

  • Ryan Matte ZenossMaster
    Ryan Matte
    653 posts since
    Mar 26, 2009
    Currently Being Moderated
    8. Feb 3, 2010 5:29 PM (in response to mwcotton)
    Re: Move Events to History every hour

    Help yourself

  • that1guy15 Rank: White Belt
    that1guy15
    48 posts since
    Sep 18, 2009
    Currently Being Moderated
    9. Feb 3, 2010 5:30 PM (in response to Ryan Matte)
    Re: Move Events to History every hour

    Thanks again for the reply!

     

    ill put this into place and give it a shot.

     

    To add to my goal im only wanting to move alerts below error (4) to the history. Would this be acomplished with the bellow lines?

     

    for e in dmd.ZenEventManager.getEventList([], "", severity <4, "lastTime ASC, firstTime ASC"):
        dmd.ZenEventManager.manage_deleteEvents(e.evid)
  • Ryan Matte ZenossMaster
    Ryan Matte
    653 posts since
    Mar 26, 2009
    Currently Being Moderated
    10. Feb 4, 2010 8:14 AM (in response to that1guy15)
    Re: Move Events to History every hour

    I'm not sure that would work.  I would personally do it this way...

     

    #!/usr/bin/env python
import Globals
from Products.ZenUtils.ZenScriptBase import ZenScriptBase
from transaction import commit

dmd = ZenScriptBase(connect=True).dmd

for e in dmd.ZenEventManager.getEventList([], "", "lastTime ASC, firstTime ASC"):
    evt = dmd.ZenEventManager.getEventDetailFromStatusOrHistory(e.evid)
    if evt.severity < 4:
        dmd.ZenEventManager.manage_deleteEvents(evt.evid)
  • that1guy15 Rank: White Belt
    that1guy15
    48 posts since
    Sep 18, 2009
    Currently Being Moderated
    11. Feb 4, 2010 1:42 PM (in response to Ryan Matte)
    Re: Move Events to History every hour

    Ryan, thank you so much! you have been a tramendous help.

  • Ryan Matte ZenossMaster
    Ryan Matte
    653 posts since
    Mar 26, 2009
    Currently Being Moderated
    12. Feb 4, 2010 1:44 PM (in response to that1guy15)
    Re: Move Events to History every hour

    My pleasure.

  • that1guy15 Rank: White Belt
    that1guy15
    48 posts since
    Sep 18, 2009
    Currently Being Moderated
    13. Feb 4, 2010 1:51 PM (in response to Ryan Matte)
    Re: Move Events to History every hour

    If you dont mind i would like to add to the complexity...

     

    The events i want to watch on an hourly basis never age out due to new events constanly coming in every 5 min or so and they get de-dupped with the same event from the past. Would it be possible to move events to the history if they are older than hour within a de-dupped event?

     

    For example:

     

    event A comes in at 1:00 and then again at 1:10 which is then de-dupped and the count goes to 2.

     

    at 2:00 the first event is dropped bringing the count back down to 1.

     

    Im seeing that only the firsttime and lasttime fields are kept and nothing for each event. So im guessing this is not possible. I cant have it both ways huh?

     

    Any thoughts?

  • Ryan Matte ZenossMaster
    Ryan Matte
    653 posts since
    Mar 26, 2009
    Currently Being Moderated
    14. Feb 4, 2010 2:45 PM (in response to that1guy15)
    Re: Move Events to History every hour

    That would be pretty complex to do.  You'd have to convert the first time and last time to epoch time and then figure out the amount of time between them to determine the total age of each event (and then perform the action based on that).  I have some projects on the go so I don't currently have time to work out how to do that.

     

    Note: the times are stored as epoch time in MySQL, so there may be some way to directly extract that using Python.

1 2 Previous Next

More Like This

  • Retrieving data ...

Legend

  • Correct Answers - 4 points
  • Helpful Answers - 2 points