Add a watcher to Elasticsearch to alert when any of the users in the Azure table logs into the website

enkidev · September 29, 2017, 8:50am

Hi,

I'm completely new to Elasticsearch, any help would of great help.

Using the complete ELK stack to monitor the users logged into the site.

When a user logs into the website, the username is passed to elastic search and monitored using kibana.

Have a list of username in azure table and I wanted to add a watcher to Elasticsearch to alert when any of the users in the Azure table logs into the website.

Looked at the examples of the watcher but really confused how to setup alert in linking Elastcisearch with Azure table values.

Any idea or guidance or a sample would be of great help.

Thanks for your help.

spinscale · October 2, 2017, 12:58pm

You have to manage the syncing between the azure table and watcher yourself.

If you can access the data in that table via a REST API call, you could execute that call during the watch execution. Otherwise a manually written sync mechanism, that tries to import the users from azure into elasticsearch might help. Then you could write a watch that simply executes a search.

--Alex

Topic		Replies	Views
Writing watcher alerts back to elastic Elasticsearch	2	585	October 18, 2017
Question about Watcher ( Xpack-Alerts) Elasticsearch elastic-stack-alerting	4	766	July 6, 2017
Crud form for watches Elasticsearch elastic-stack-alerting	2	439	November 11, 2019
I have data in Azure Table storage and i want to publish that data in Elasticsearch for better filtration Elasticsearch	0	99	April 28, 2024
How to pull data from elasticsearch to servicenow using watcher alerting Elasticsearch elastic-stack-alerting	2	849	November 26, 2018

Add a watcher to Elasticsearch to alert when any of the users in the Azure table logs into the website

Related topics