Custom watchers
Together with standard watchers, Siren Alert supports an additional list of use case-specific watcher types that are created from the dashboard. These types of watchers are called custom watchers.
Dashboard button
Custom watchers created from a dashboard inherit its search criteria, including the search pattern, search query, and filters. Each custom watcher type applies specific processing and trigger conditions.
Custom watcher types
New results: Alerts when there are new results for the given search.
Geo fence: Alerts when there are new results within a geographical area.
Proximity: Alerts when two entities are closer or further than a specified distance. This type must be enabled manually as it is not applicable to all data sets. Siren provides support for enabling this.
Creating custom watchers
Custom watchers are managed in the Script tab of the Management section. Creating a custom watcher requires writing a script that provides an object with the attributes described below. Siren provides support for creating these scripts.
Attribute | Type | Description | ||||
|---|---|---|---|---|---|---|
|
| Used to place watcher type in dashboard box. | ||||
|
| Tests whether to show the watcher type in the dashboard box. | ||||
|
| The collection of parameters and default values required by the watcher. | ||||
|
| Executed in the backend that searches Elasticsearch using the | ||||
|
| Evaluates the response from the search function and determines if the watcher should perform the alert actions. | ||||
|
| The HTML template presenting inputs for the watcher parameters. The | ||||