Hello everyone!
Could you please tell me if there are any ways to create an alert if some server is down or elastic-agent stopped send logs to the Elastic
Hi @bex, Welcome to the Elastic Community.
If you're collecting system metrics using elastic agent or beats, you can just create a metric alert and there's an option to be alerted when it stop sending data.
Hello @ashishtiwari1993
Thanks for your reply.
Did I get it right that a metric alert can be used to trigger when a host stops sending data? If so, would I need to create a separate metric for each host? For example, if I have 10,000 hosts, is there any other way?
I think you can use just one rule and it will aggregate by host, but I do not use this.
There is an issue from 2020 about implementing a built-in alert feature for Fleet Managed Elastic Agents, it is this one: Provide Kibana Alerting functionality for Fleet · Issue #79310 · elastic/kibana · GitHub
Unfortunately it was closed because you can now alert based on count of active agents, but this does not work for most of the use cases.
There are some internal Enhancement Requests, but no change until now.
Not having built-in alert features if an agent is online or not is a huge miss in my opinion and none of the alternatives works well.