Tag : alert
Alerting for Elasticsearch : Log watcher in elasticsearch using ES Watcher
16/08/2015
Article
Latest elasticsearch has new future of Alerting for elasticsearch using Watcher. This feature is very important and helpful to trigger alert on matching bracelet replica cartier search query.
You need fake cartier bracelet to install plugin
bin/plugin -i elasticsearch/license/latest bin/plugin -i elasticsearch/watcher/latest #Restart elasticsearch #Verify installation using curl -XGET 'http://localhost:9200/_watcher/stats?pretty'
After installation we have to create watcher index. This will check for an every 10sec of intervalOriginal Ref. from – https://www.elastic.co/downloads/watcher
curl -XPUT 'http://localhost:9200/_watcher/watch/cluster_health_watch' -d '{
"trigger" : {
"schedule" : { "interval" : "10s" }
},
"input" : {
"http" : {
"request" : {
"host" : "localhost",
"port" : 9200,
"path" : "/_cluster/health"
}
}
},
"condition" : {
"compare" : {
"ctx.payload.status" : { "eq" : "green" }
}
},
"actions" : {
"send_email" : {
"email" : {
"to" : "<a href="mailto:appasaheb.sawant@gmail.com" target="_blank" rel="nofollow">appasaheb.sawant@gmail.com</a>",
"subject" : "Cluster Status Warning",
"body" : "Cluster status is RED"
}
}
}
}'
If we want to alert on matching query search then we can do like …
curl -XPUT 'http://localhost:9200/_watcher/watch/log_error_watch' -d '{
"trigger" : {
"schedule" : { "interval" : "10s" }
},
"input" : {
"search" : {
"request" : {
"indices" : [ "logs" ],
"body" : {
"query" : {
"match" : { "message": "error" }
}
}
}
}
}
}'
You can add email replica cartier settings in elasticsearh config.
watcher.actions.email.service.account:
work:
profile: gmail
email_defaults:
from: 'appasaheb.sawant@gmail.com'
bcc: appasaheb.sawant@gmail.com
smtp:
auth: true
starttls.enable: true
host: smtp.gmail.com
port: 587
user: gmail username
password: gmail password
Categories: Other
About Author:
