I am wondering if this is possible.
Is there a way for a watcher or task that can be created that will read the internal logs for Elasticsearch and Logstash for any errors which then sends an alert?
I check these logs on a daily basis but if any errors occur over the weekend we do not find out until the monday.
Hey,
you need to make sure that those logs make it into Elasticsearch first, then you can write any alert you want. Using filebeat to do that would be the way to go here.
--Alex
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.