DataStax Academy FAQ

DataStax Academy migrated to a new learning management system (LMS) in July 2020. We are also moving to a new Cassandra Certification process so there are changes to exam bookings, voucher system and issuing of certificates.

Check out the Academy FAQ pages for answers to your questions:

question

aravinth_chakravarthyr_173918 avatar image
aravinth_chakravarthyr_173918 asked ·

Why is the source IP and user missing from OpsCenter alerts?

Hi,

I am using an API call from my opscenter to get information about the events through the following API,

$ curl -vvv -H 'opscenter-session: sessionid' http:// opscenterip :8888/clustername/events?count=1 | python -m json.tool

My ouput is :

{
    "action": 37,
    "api_source_ip": null,
    "event_source": "OpsCenter",
    "level": 5,
    "level_str": "ALERT",
    "message": "The best practice rule 'Secondary indexes cardinality' has failed.",
    "source_node": null,
    "success": null,
    "target_node": null,
    "time": "1587285000138000",
    "user": null
}

Why i am unable to get my API source ip and user?

Can you please help

opscenter
10 |1000 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

1 Answer

Erick Ramirez avatar image
Erick Ramirez answered ·

@aravinth_chakravarthyr_173918 Some fields are only available for certain events. Not all events have all alert fields available. This is because they do not necessarily apply to the event.

In the example you provided, Best Practice alerts are typically cluster-wide so they do not have a source IP associated with them. Another way of saying it is that an operator cannot trigger a Best Practice alerts via an API call -- they come from OpsCenter.

Similarly, an event will only include the user if the event has an associated user. For example, a node being restarted via OpsCenter will have the user (role) that initiated the restart. Best Practice alerts are generated by OpsCenter, not a user (role). Cheers!

2 comments Share
10 |1000 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

aravinth_chakravarthyr_173918 avatar image aravinth_chakravarthyr_173918 ·

could you just clarify me about the user more? Is that a user of opscenter who is restarting the node ( For example we have enabled LDAPthen the user who initiates Restart will be displayed here ) or the user in the node ( example :JMX ) .

I just initiated it from the opscenter and the user returned null in the API call.

0 Likes 0 · ·
Erick Ramirez avatar image Erick Ramirez ♦♦ aravinth_chakravarthyr_173918 ·

@aravinth_chakravarthyr_173918 It's the OpsCenter user (not node or Cassandra user) that initiated the action. For more information on the definition of alert fields, see Configuring alerts for events. If it isn't working as expected on your cluster, I'd recommend logging a ticket with DataStax Support so one of our engineers can investigate for you because it's difficult to do that in a Q&A forum.

As a friendly note, I've converted your post to a comment since it is not an "answer". Cheers!

0 Likes 0 · ·