Add alarm detecting too many failed logins Change-Id: I9c623d6d604ac1b3f6d226cfb27d0ccaf809ead7

commit: e37150bdd31dda0403e7da61199c66f653dd352b [log] [tgz]
author: Simon Pasquier <spasquier@mirantis.com> Thu Feb 23 10:44:42 2017 +0100
committer: Simon Pasquier <spasquier@mirantis.com> Thu Feb 23 10:44:42 2017 +0100
tree: ca49bcb04681d8fb84184d102f80697d96f73d89
parent: dfcfbb1996d60e96babc74a754a38dcd36e9b8f1 [diff]
diff --git a/rsyslog/meta/heka.yml b/rsyslog/meta/heka.yml
index 3c31c40..e748d27 100644
--- a/rsyslog/meta/heka.yml
+++ b/rsyslog/meta/heka.yml

@@ -43,3 +43,20 @@
       config:
         hostname: '{{ grains.host }}'
         grace_interval: 30
+metric_collector:
+  trigger:
+    failed_logins_warning:
+      description: 'The rate of failed logins is too high.'
+      severity: warning
+      rules:
+      - metric: failed_logins_rate
+        relational_operator: '>='
+        threshold: 0.2
+        window: 120
+        periods: 0
+        function: avg
+  alarm:
+    failed_logins:
+      alerting: enabled
+      triggers:
+      - failed_logins_warning
commit	e37150bdd31dda0403e7da61199c66f653dd352b	[log] [tgz]
author	Simon Pasquier <spasquier@mirantis.com>	Thu Feb 23 10:44:42 2017 +0100
committer	Simon Pasquier <spasquier@mirantis.com>	Thu Feb 23 10:44:42 2017 +0100
tree	ca49bcb04681d8fb84184d102f80697d96f73d89
parent	dfcfbb1996d60e96babc74a754a38dcd36e9b8f1 [diff]