Alert Raw Event Example
An example of a full event showing an error is shown below for reference.
| Field | Value |
|---|---|
| #category | Alert |
| #repo | humio |
| #severity | Info |
| @id | XQP9NSlmxlxz6nHCuvRFgiDQ_113_111_1684918557 |
| @ingesttimestamp | 1684918557196 |
| @rawstring | `category="Alert" severity="Info" @timestamp="1684918557196" message="Alert query polled" subCategory="Query" alertId="5PW7eKlBvQWpJFRTL7j4N5n3Y3GeAIiE" alertName="Alert2" viewId="KFrfTEli7ziKVdJiHMzmy6AV" dataspace="humio" externalQueryId="P1-q4u0GQwR6Xel6XKT1HAMv8Ts" query="\"cputime > 240000000\"" eventsToTriggerOn="0"` |
| @timestamp | 1684918557196 |
| @timestamp.nanos | 0 |
| @timezone | Z |
| alertId | 5PW7eKlBvQWpJFRTL7j4N5n3Y3GeAIiE |
| alertName | Alert2 |
| category | Alert |
| dataspace | humio |
| eventsToTriggerOn | 0 |
| externalQueryId | P1-q4u0GQwR6Xel6XKT1HAMv8Ts |
| message | Alert query polled |
| query | "cputime > 240000000" |
| severity | Info |
| subCategory | Query |
| timestamp | 1684918557196 |
| viewId | KFrfTEli7ziKVdJiHMzmy6AV |