Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- bin/plugin --install elasticsearch/watcher/latest
- bin/plugin --install elasticsearch/license/latest
- ES_HOME/bin/elasticsearch
- curl -XGET 'http://localhost:9200/_watcher/stats?pretty'
- PUT /_watcher/watch/log_error_watch
- {
- "trigger": {
- "schedule": {
- "interval": "10m"
- }
- },
- "input": {
- "search": {
- "request": {
- "indices": [
- "logs"
- ],
- "body": {
- "query": {
- "match": {
- "message": "error"
- }
- }
- }
- }
- }
- },
- "condition": {
- "compare": {
- "ctx.payload.hits.total": {
- "gt": 0
- }
- }
- },
- "actions": {
- "send_email": {
- "email": {
- "to": "<username>@<domainname>",
- "subject": "Cluster logs",
- "body": "Cluster Error Logs ",
- "attach_data": true
- }
- }
- }
- }
- watcher.actions.email.service.account:
- work:
- profile: gmail
- email_defaults:
- from: <email>
- smtp:
- auth: true
- starttls.enable: true
- host: smtp.gmail.com
- port: 587
- user: <username>
- password: <password>
- curl -XDELETE'http://localhost:9200/_watcher/watch/log_error_watch'
- bin/elasticsearch-plugin install x-pack
- bin/kibana-plugin install x-pack
- xpack.notification.email.account:
- outlook_account:
- profile: outlook
- email_defaults:
- from: <sender-email>
- smtp:
- auth: true
- starttls.enable: true
- host: smtp-mail.outlook.com
- port: 587
- user: <username>
- password: <password>
- PUT _xpack/watcher/watch/error_report
- {
- "trigger": {
- "schedule": {
- "interval": "1h" <OR TIME INTERVAL TO MONITOR AND ALERT>
- }
- },
- "input": {
- "search": {
- "request": {
- "indices": [
- "logs"
- ],
- "body": {
- "query": {
- "match": {
- "message": "error"
- }
- }
- }
- }
- }
- },
- "actions": {
- "send_email": {
- "email": {
- "to": "<YOUR EMAIL>",
- "subject": "Cluster logs",
- "body": "Cluster Error Logs ",
- "attach_data": true
- }
- }
- }
- }
- DELETE _xpack/watcher/watch/log_error_watch
Add Comment
Please, Sign In to add comment
