Hi-
I did installed metricbeats on a server, but for some reasons we stop the metricbeats service and start it back after some time. I would need an email alerting thru logstash only when its stopped and if the metricbeats starts again an email has to be sent again only once. Is there any plugin which does that? Or please let me know how do I build this using any other plugins?
Please see we can't have a logstash running on a prod server, we need to have the alerting thru executing the Elastic Search queries and identify whether the data collection have stopped/started.
Hi @paul1243 - There is no "plugin" available out-of-the-box that could do that. However, you may want to explore designing a watch that would check the monitoring index for Metricbeat. This would require you to:
thanks for your reply @ropc
unfortunately, we haven't got the x-pack license yet but we are planning very soon. I need to have a working solution until then any other suggestions ? thanks !
@paul1243 To be honest, without Monitoring and Alerting, that will be a bit challenging to implement this. If you think about using the email output plugin from Logstash, then you would still need an input to act on. Just a random thought, but you could probably write a simple TCP client that monitors your Metricbeat instance and sends a message to Logstash (and use the http input plugin).
Obviously this is more like an in-house implementation - the best would be to rely on the Monitoring and Alerting capabilities offered in the stack.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.
any other suggestions ? thanks !