Docs » List of available AutoDetect detectors

List of available AutoDetect detectors 🔗

AutoDetect detectors and their arguments are driven by SignalFlow functions in the SignalFlow library.

The following tables show available AutoDetect detectors and their customizable arguments. To learn more about the driving SignalFlow functions, see the GitHub link in each AutoDetect detector section.

AWS 🔗

AWS/RDS free disk space is going to run out 🔗

  • Description: Alerts when RDS free disk space is expected to run out in the next 48 hours.

  • SignalFlow function: see the function in SignalFlow library repository on GitHub.

The following table shows customizable arguments for this detector:

Argument

Description

Default value

Trigger threshold

Trigger threshold for space running out (in hours)

48

Sensitivity

Sensitivity of the alerting

80% of 10m

Clear threshold

Clear threshold for space running out (in hours)

96

Filters

Dimensions you want to add to the detector

None

Kafka 🔗

Kafka - Partition is under-replicated 🔗

  • Description: Alerts when at least one Kafka partition is under replicated for at least 5 minutes.

  • SignalFlow function: see the function in SignalFlow library repository on GitHub.

The following table shows customizable arguments for this detector:

Argument

Description

Default value

Trigger threshold

Trigger threshold for number of under replicated partitions

0

Sensitivity

Sensitivity of the alerting

100% of 5m

Filters

Dimensions you want to add to the detector

None

Kafka - No Active Controller 🔗

  • Description: Alerts when there is no active controller in a cluster.

  • SignalFlow function: see the function in SignalFlow library repository on GitHub.

The following table shows customizable arguments for this detector:

Argument

Description

Default value

Filters

Dimensions you want to add to the detector

None

Kafka - Offline partitions on a broker 🔗

  • Description: Alerts when there is no active leader for a partition, and the partition cannot be read from or written to.

  • SignalFlow function: see the function in SignalFlow library repository on GitHub.

The following table shows customizable arguments for this detector:

Argument

Description

Default value

Trigger threshold

Trigger threshold for number of offline partitions

0

Filters

Dimensions you want to add to the detector

None

Kafka - Consumer Group lag 🔗

  • Description: Alerts when a consumer group has been lagging behind the latest offset by 100 for 2 minutes.

  • SignalFlow function: see the function in SignalFlow library repository on GitHub.

The following table shows customizable arguments for this detector:

Argument

Description

Default value

Trigger threshold

Trigger threshold for the consumer group lag

100

Sensitivity

Sensitivity of the alerting

100% of 2m

Clear threshold

Clear threshold for the consumer group lag

100

Clear sensitivity

Clear sensitivity of the alerting

100% of 5m

Filters

Dimensions you want to add to the detector

None

Kubernetes 🔗

K8s Cluster DaemonSet ready vs scheduled 🔗

  • Description: Alerts when number of ready and scheduled DaemonSets have diverged.

  • SignalFlow function: see the function in SignalFlow library repository on GitHub.

The following table shows customizable arguments for this detector:

Argument

Description

Default value

Trigger threshold

Trigger threshold for difference between the number of ready and scheduled DaemonSets

0

Sensitivity

Sensitivity of the alerting

95% of 5m

Filters

Dimensions you want to add to the detector

None

K8s Cluster Deployment is not at spec 🔗

  • Description: Alerts when the numbers of ready and available pods in Cluster Deployments have diverged.

  • SignalFlow function: see the function in SignalFlow library repository on GitHub.

The following table shows customizable arguments for this detector:

Argument

Description

Default value

Trigger threshold

Trigger threshold for difference between the number of ready and available pods in the deployment

0

Sensitivity

Sensitivity of the alerting

80% of 5m

Filters

Dimensions you want to add to the detector

None

K8s Container Restart Count is > 0 🔗

  • Description: Alerts when container restart count in the last 5 minutes is greater than 0.

  • SignalFlow function: see the function in SignalFlow library repository on GitHub.

The following table shows customizable arguments for this detector:

Argument

Description

Default value

Filters

Dimensions you want to add to the detector

None

K8s Node Memory Utilization is high 🔗

  • Description: Alerts when a Kubernetes Node has been using more than 90% memory for 5 minutes.

  • SignalFlow function: see the function in SignalFlow library repository on GitHub.

The following table shows customizable arguments for this detector:

Argument

Description

Default value

Trigger threshold

Trigger threshold for percentage of node memory utilization

90

Sensitivity

Sensitivity of the alerting

100% of 5m

Filters

Dimensions you want to add to the detector

None

K8s Nodes are not ready 🔗

  • Description: Alerts when Kubernetes Nodes are not in a ready state after 30 seconds.

  • SignalFlow function: see the function in SignalFlow library repository on GitHub.

The following table shows customizable arguments for this detector:

Argument

Description

Default value

Sensitivity

Sensitivity of the alerting

100% of 30s

Filters

Dimensions you want to add to the detector

None

Splunk operational 🔗

Splunk Operational - Detectors aborted 🔗

  • Description: Alerts when at least one detector has been aborted for the last 5 hours.

  • SignalFlow function: see the function in SignalFlow library repository on GitHub.

The following table shows customizable arguments for this detector:

Argument

Description

Default value

Trigger threshold

Trigger threshold for number of aborted detectors

0

Over period

Period of time to compute the number of aborted detectors

5h

Filters

Dimensions you want to add to the detector

None

Splunk Operational - The number of detectors is expected to reach the limit 🔗

  • Description: Alerts when number of detectors about to reach the organization system limit. This limit includes customized detectors created from AutoDetect detectors.

  • SignalFlow function: see the function in SignalFlow library repository on GitHub.

The following table shows customizable arguments for this detector:

Argument

Description

Default value

Trigger threshold

Percentage system limit reached for maximum number of detectors in an organization

90

Sensitivity

Sensitivity of the alerting

100% of 3h