Hi,
I'll do an ELK-Stack with an alertingsystem.
So my suggestion was somthing like this:
Shipper => Redis => Indexer => ES <= Alerting (Logstash)
Can Logstash read logstash(Alerting) read or use logfiles, if my configfile looks like this:
input {
elasticsearch {...}
}
output {
email {...}
}
or is this the complete wrong way?
Don't do this. Logstash won't make a good alerting system. Either use Elastic's own Watcher or use a proper alerting system like Nagios or Icinga and have it poll ES.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.