Automated log search and reporting

Hi,

I'm new to ELK. I have completed setting up Elasticsearch, Logstash and Kibana. I have 20+ servers to manage. As it is not easy to manually look for errors and warnings in the logs, I think there should be something where I can easily get a notification if something wrong is detected in the logs.

Are there any tools to set up such an automated log search and reporting?

Yes.

Have a look at Filebeat's Elasticsearch, Logstash and Kibana modules. Filebeat also supports other common software via modules, and with a bit of extra work you can create an ingest pipeline for most other log formats.

@kladizkov,

it sounds like you are looking for the Alerting functionality. Unfortunately, there is no convenient UI to create string matching alerts like the ones you described. That means the configuration would currently involve some manual JSON wrangling, but sending a notification when a specific log entry is indexed is definitely possible. The link above shows the available triggers and actions.

Integrating this functionality into the Logs UI to make it more convenient is definitely on our mind.
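
As an added illustration of the "manual JSON wrangling" mentioned in the reply above (not part of the original thread and not the poster's own configuration): a Watcher definition, sent as the body of `PUT _watcher/watch/<watch-id>`, that checks every 5 minutes for newly indexed log lines containing "error" or "warning" and e-mails the most recent matches. The `filebeat-*` index pattern, the `message` and `host.name` field names, the intervals and the recipient address are assumptions, and the `email` action needs an email account configured in Elasticsearch.

```json
{
  "metadata": {
    "note": "Added example. Index pattern, field names, intervals and recipient are assumptions."
  },
  "trigger": { "schedule": { "interval": "5m" } },
  "input": {
    "search": {
      "request": {
        "indices": ["filebeat-*"],
        "body": {
          "size": 5,
          "_source": ["host.name", "message"],
          "sort": [{ "@timestamp": { "order": "desc" } }],
          "query": {
            "bool": {
              "filter": [
                { "range": { "@timestamp": { "gte": "now-5m" } } },
                { "match": { "message": { "query": "error warning", "operator": "or" } } }
              ]
            }
          }
        }
      }
    }
  },
  "condition": {
    "compare": { "ctx.payload.hits.total": { "gt": 0 } }
  },
  "throttle_period": "15m",
  "actions": {
    "notify_ops": {
      "email": {
        "to": ["ops@example.com"],
        "subject": "{{ctx.payload.hits.total}} error/warning log lines in the last 5 minutes",
        "body": {
          "text": "{{#ctx.payload.hits.hits}}{{_source.host.name}}: {{_source.message}}\n{{/ctx.payload.hits.hits}}"
        }
      }
    }
  }
}
```

The `range` filter matches the trigger interval so each run only sees lines indexed since the previous run, and `throttle_period` keeps a persistent error from producing a mail every 5 minutes.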
