Alerting based on the keyword in logs

v_anil · January 6, 2021, 8:24am

Hi ,

Is there anyway we can configure an alert based on the keyword in the logs, and alert them if we found more than threshould.

for ex: If the logs contain "Exception or ERROR" more than 10 times in last 2 min , i want to send an alert with the pod name and the logs message.

Currently i am using kibana 6.8 , but yeah i know the current version is not supporting the alerts. I just wanted to make sure the above alert is possible to setup. If yes then i will upgrade the elasticsearch and kibana.

Can someone please suggest whether it is possible or not..? if yes is there any doc that i can follow..?

borna_talebi · January 6, 2021, 9:36am

Hi,
I think you can use the Threshold rule for your scenario.

Kerry · January 6, 2021, 10:35am

Hi,

If you were to upgrade you’d be able to use a Log threshold alert for this functionality.

v_anil · January 6, 2021, 5:16pm

@borna_talebi and @Kerry thanks for your valuable options.

Log threshold worked.

system · February 3, 2021, 5:16pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.