Alerting In AWS Elasticsearch Kibana

kennedy · October 6, 2020, 1:02pm

Hi Everyone,

So here is the scenario , I have metricbeat installed on 2 different servers. The feed is going from the logstash to the AWS Elasticsearch. Now , I'm setting up the alerting in kibana for cpu utilization.

{ "query":
{"bool":
{"must":
[{"range":
{"system.memory.actual.used.pct": {"gte": 0.5}}},
{"range":
{"@timestamp":
{"gte": "now-1h","lte": "now/m"}}}]
}
}}

now the alert is triggering but one for one host. Though the condition is satisfied for both meaning the alert should trigger for both separately.
So that in case there are 5 servers with metric beat and over the threshold the alert should come. Any changes to the script or to the trigger part. Please suggest how that can be done.

dadoonet · October 6, 2020, 1:24pm

We don't support this service here so I'm not sure if we can really help.

BTW did you look at Cloud by Elastic, also available if needed from AWS Marketplace ?

Cloud by elastic is one way to have access to all features, all managed by us. Think about what is there yet like Security, Monitoring, Reporting, SQL, Canvas, Maps UI, Alerting and built-in solutions named Observability, Security, Enterprise Search and what is coming next ...

system · November 3, 2020, 1:24pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.