monitoring-mixins-website/assets/openldap/alerts.yaml

groups:
- name: openldap-alerts
  rules:
  - alert: OpenLDAPConnectionSpike
    annotations:
      description: There are {{ printf "%.0f" $value }} OpenLDAP connections on instance
        {{$labels.instance}}, which is above the threshold of 100.
      summary: A sudden spike in OpenLDAP connections indicates potential high usage
        or security issues.
    expr: |
      increase(openldap_monitor_counter_object{dn="cn=Current,cn=Connections,cn=Monitor"}[5m]) > 100
    for: 5m
    labels:
      severity: warning
  - alert: OpenLDAPHighSearchOperationRateSpike
    annotations:
      description: The rate of search operations in OpenLDAP on instance {{$labels.instance}}
        has increased by {{ printf "%.0f" $value }} percent in the last 5 minutes,
        compared to the average over the last 15 minutes, which is above the threshold
        of 200 percent.
      summary: A significant spike in OpenLDAP search operations indicates inefficient
        queries, potential abuse, or unintended heavy load.
    expr: "100 * (\n  rate(openldap_monitor_operation{dn=\"cn=Search,cn=Operations,cn=Monitor\"}[5m])
      \n  / \n  clamp_min(rate(openldap_monitor_operation{dn=\"cn=Search,cn=Operations,cn=Monitor\"}[15m]
      offset 5m), 0.0001)\n) > 200\n"
    for: 5m
    labels:
      severity: warning
  - alert: OpenLDAPDialFailures
    annotations:
      description: LDAP dial failures on instance {{$labels.instance}} have increased
        by {{ printf "%.0f" $value }} in the last 10 minutes, which is above the threshold
        of 10.
      summary: Significant increase in LDAP dial failures indicates network issues,
        problems with the LDAP service, or configuration errors that may lead to service
        unavailability.
    expr: |
      increase(openldap_dial{result!="ok"}[10m]) > 10
    for: 10m
    labels:
      severity: warning
  - alert: OpenLDAPBindFailureRateIncrease
    annotations:
      description: LDAP bind failures on instance {{$labels.instance}} have increased
        by {{ printf "%.0f" $value }} in the last 10 minutes, which is above the threshold
        of 10.
      summary: Significant increase in LDAP bind failures indicates authentication
        issues, potential security threats or problems with user directories.
    expr: |
      increase(openldap_bind{result!="ok"}[10m]) > 10
    for: 10m
    labels:
      severity: warning
Add jsonnet-libs mixins Add blackbox exporter Add mysql exporter 2024-05-04 12:01:41 +00:00			`groups:`
			`- name: openldap-alerts`
			`rules:`
			`- alert: OpenLDAPConnectionSpike`
			`annotations:`
			`description: There are {{ printf "%.0f" $value }} OpenLDAP connections on instance`
			`{{$labels.instance}}, which is above the threshold of 100.`
			`summary: A sudden spike in OpenLDAP connections indicates potential high usage`
			`or security issues.`
			`expr: \|`
			`increase(openldap_monitor_counter_object{dn="cn=Current,cn=Connections,cn=Monitor"}[5m]) > 100`
			`for: 5m`
			`labels:`
			`severity: warning`
			`- alert: OpenLDAPHighSearchOperationRateSpike`
			`annotations:`
			`description: The rate of search operations in OpenLDAP on instance {{$labels.instance}}`
			`has increased by {{ printf "%.0f" $value }} percent in the last 5 minutes,`
			`compared to the average over the last 15 minutes, which is above the threshold`
			`of 200 percent.`
			`summary: A significant spike in OpenLDAP search operations indicates inefficient`
			`queries, potential abuse, or unintended heavy load.`
			`expr: "100 * (\n rate(openldap_monitor_operation{dn=\"cn=Search,cn=Operations,cn=Monitor\"}[5m])`
			`\n / \n clamp_min(rate(openldap_monitor_operation{dn=\"cn=Search,cn=Operations,cn=Monitor\"}[15m]`
			`offset 5m), 0.0001)\n) > 200\n"`
			`for: 5m`
			`labels:`
			`severity: warning`
			`- alert: OpenLDAPDialFailures`
			`annotations:`
			`description: LDAP dial failures on instance {{$labels.instance}} have increased`
			`by {{ printf "%.0f" $value }} in the last 10 minutes, which is above the threshold`
			`of 10.`
			`summary: Significant increase in LDAP dial failures indicates network issues,`
			`problems with the LDAP service, or configuration errors that may lead to service`
			`unavailability.`
			`expr: \|`
			`increase(openldap_dial{result!="ok"}[10m]) > 10`
			`for: 10m`
			`labels:`
			`severity: warning`
			`- alert: OpenLDAPBindFailureRateIncrease`
			`annotations:`
			`description: LDAP bind failures on instance {{$labels.instance}} have increased`
			`by {{ printf "%.0f" $value }} in the last 10 minutes, which is above the threshold`
			`of 10.`
			`summary: Significant increase in LDAP bind failures indicates authentication`
			`issues, potential security threats or problems with user directories.`
			`expr: \|`
			`increase(openldap_bind{result!="ok"}[10m]) > 10`
			`for: 10m`
			`labels:`
			`severity: warning`