Hi,
I would like to know if after the X-Pack release and some of its basic features are now included in the basic license:
Thank you
Hi @ManuelF,
You have some alerting features in basic license, please see:
https://www.elastic.co/subscriptions
Thanks,
Liza
Hi @LizaD,
I checked the link and now I am aware that the basic license offers some alerting features. Can you please tell me if I those relay on X-Pack (do I need to enable it?) or provide a link to a good tutorial so I can configure and start using it.
Thank you
Hi @ManuelF,
Here is a nice blog on alerting:
We also have our user's guide:
https://www.elastic.co/guide/en/kibana/current/alerting-getting-started.html
If you have some specific questions or road blocks setting it up, just ping us again we will try to get you answer.
Thanks!
Hi @LizaD,
I have been checking the documentation related to alerting, but it is still not clear to me what types alerts I can access with just the Basic License. Watcher is not available.
Is there a list of alerts I can check to see if those I am looking for are available with the Basic License?
I would be particularly interested in receiving an alert email, if an index or a counter receives or reaches a specific value. For example, if I use Winlogbeat, I want to receive an alert email every time ELK receives a specific Event ID. Or receive an email every time an Event ID 4625 is generated for a specific user account.
If an administration account fails to authenticate successfully and generates three Event ID 4625s in a row, it would be useful to receive an alert email.
Do I have access to this type of alerts, based on the data I collect?
Thank you
Hi @ManuelF,
All types of alerts so far are available in the basic license. They are being released starting with 7.7 and more to be added each release by different applications.
Alerts about the operation or performance of the node?
Starting in 7.8, you will be able to use the Metrics Explorer to create some alerts based on performance of the node.
https://www.elastic.co/guide/en/kibana/7.8/metrics-explorer.html
Alerts if the service is interrupted?
Starting in 7.7, the Uptime application will support alerting if a service is interrupted.
Custom alerts given a specific event?
We are working on some generic alerts, starting with Index Threshold.
I would be particularly interested in receiving an alert email, if an index or a counter receives or reaches a specific value.
This is possible using the Index Threshold alert type though the basic license only allows in-stack actions so a Gold subscription would be required to send an email. You can log to the server or index a document in basic.
Hi @mikecote,
Great answer! Now it is clear to me everything related to the different types of alerts that ELK stack offers. I appreciate the detailed response and the links provided.
Thank you!
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.