Greetings! I have been using the ELK stack with APM for some time, but without alerting. Yesterday, I decided to add alerts. I have a docker-compose installation at this time. I already had TLS enabled between Kibana and Elasticsearch. But after all the configuration, I don't see any updates in the log and the new index is not created. I'm confused and I don't know what to do. What am I doing wrong?
Certificates were generated in another Docker container using elasticsearch-certutil:
bin/elasticsearch-certutil cert --silent --pem --in config/certificates/instances.yml -out /certs/bundle.zip;
In the Docker container, Kibana is started using these keys:
/usr/share/kibana/bin/../node/bin/node /usr/share/kibana/bin/../src/cli --cpu.cgroup.path.override=/ --cpuacct.cgroup.path.override=/ --elasticsearch.hosts=https://es:9200 --elasticsearch.password=MYPASSWORDHERE --elasticsearch.ssl.certificateAuthorities=/usr/share/elasticsearch/config/certificates/ca/ca.crt --elasticsearch.username=elastic --server.name=kibana --xpack.encryptedSavedObjects.encryptionKey=KEYHERE --xpack.security.enabled=true --xpack.security.encryptionKey=KEYHERE
For example:
Create an alert from APM.
Create connector:
Create alert:
After this I generated errors for this alert.
I see an active alert.
But I don't see a message for this kind of alert in the Kibana logs, and the index "alert" is not created.
Please HELP!