It would be rather useful to have an option to send some sort of heartbeat with every beat. While it's good to have the Heartbeat-beat to show whether a host is up or not I'd really like to have a way to see if a specific beat is running (and working).
I know I can use monitoring tools like Icinga 2 to check for running beats processes I don't have a way to check a specific beat if it still send's data.
I dream of queries against Elasticsearch (maybe with Icinga 2) checking if each host with Filebeat, Winlogbeat, etc. has sent anything within the last 15 Minuten (configurable). If there was no "real" message to be sent, the beat sent a "ping" message so that there was at least something to be processed.
It sends the data to a /xpack endpoint in Elasticsearch so the plugin must be installed. The X-Pack Basic license is free so you just need to have the plugin installed to ES. Then the raw monitoring metrics should be available in a .monitoring- index.
What if I don't have access to Elasticsearch from my beats? Some of the beats I want to monitor are in remote networks with NAT and the only way to transfer data to the central Elasticsearch is via Logstash / Redis. Is there a way already? Or is there one planned?
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.