ALERT TRIGGERING FOR EVERY 30MINUTES

Ashok2 · May 9, 2019, 9:06am

Hi,

I have the logstash config file in which i have written the mail alert for particular text present then automatically send an email with the message but i keep on receiving lots of mail continuously.

I need to have an alert generated every 30min ,please help me to solve the issue
output{
if[type] == "mq"
{
elasticsearch {
# Index name is used to store the elasticsearch value and it will display the elasticsearch value in kibana using the index name
index => "logstash-dd.mq_log"
hosts => ["11.11.11.122:0000"]
document_id => "%{fingerprint}"
}
}

if[q_manager] == "ESBPRT1"
{
if[error_code] == "AMQ9616"
		{
		
		email{
				  to => "domain@gmail.com"
				  from => "123@gmail.com"
				  subject => "MQ Alert - AMQ9616"
				  body => "Hello Team,\n\n Error code AMQ9616 occured @ %{event_timestamp} .Please check and take necessary action. \n \n Link to ELM DashBoard : http://123.gmail.com \n\n\n * This is an automated e-mail and any responses to this e-mail will not be monitored \n Thank You!"
				  port => 25	
				}
		}

      }
}

Badger · May 9, 2019, 1:42pm

I answered this question when you posted it yesterday. Which part of the answer did you have a question about?

Ashok2 · May 10, 2019, 6:19am

can you help me where to write the code to trigger the mail for every 30 minutes

Badger · May 10, 2019, 2:44pm

I do not run elasticsearch so I cannot help further.

Jasonespo · May 10, 2019, 3:07pm

Do you have x-pack watchers available to you?

You can create a watcher that will be able to send you an email every time the error_code = "AMQ9616"

I will be able to help you if you explain a bit more about what your setup is

Ashok2 · May 13, 2019, 6:42am

I don't have x-pack watchers available currently we are using 5.6.2 version

Jasonespo · May 13, 2019, 6:56am

Install x-pack

https://www.elastic.co/guide/en/x-pack/5.6/installing-xpack.html

Once you have installed x-pack we can write a watcher for you that will fix your issue.

X-pack watchers are a useful feature that is definitely worth taking a look at even if you don't want to do it this way

Ashok2 · May 13, 2019, 7:25am

Thank You Jasonespo.

I will let you know once i installed x-pack

system · June 10, 2019, 7:34am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.