Can we trigger an alert to an end user filtered from a log message?

Hi, I want to send an alert to the user whose name is in the log message field.
For example, a user tried to access a project but he is not authorized; in this case the log captured (access is forbidden for user: 'xyx') in the message field. How can we send an alert from ELK to this user xyz? Is this doable?

If an alert to the end user is not possible, can we get an alert for this user in MS Teams or Slack?

All application logs are coming to ELK stack.

Hi @SumitSingh,

Yes, it is possible to send an alert to an email address that is found in your logs. One way to do that is to configure a watcher.
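A watch along the lines the answer suggests, as an added example that is not part of the original thread: this is the request body for `PUT _watcher/watch/<watch_id>`, and it sends one email per user who triggered the "access is forbidden" message in the last five minutes. The index pattern `app-logs-*`, the keyword field `user.email` (assumed to be extracted at ingest), and an email account already configured for Watcher are assumptions.

```json
{
  "metadata": {
    "note": "Added example. Index pattern app-logs-* and field user.email are assumptions, not from the thread."
  },
  "trigger": { "schedule": { "interval": "5m" } },
  "input": {
    "search": {
      "request": {
        "indices": ["app-logs-*"],
        "body": {
          "size": 0,
          "query": {
            "bool": {
              "filter": [
                { "match_phrase": { "message": "access is forbidden for user" } },
                { "range": { "@timestamp": { "gte": "now-5m" } } }
              ]
            }
          },
          "aggs": {
            "denied_users": { "terms": { "field": "user.email", "size": 50 } }
          }
        }
      }
    }
  },
  "condition": { "compare": { "ctx.payload.hits.total": { "gt": 0 } } },
  "actions": {
    "notify_denied_user": {
      "throttle_period": "15m",
      "foreach": "ctx.payload.aggregations.denied_users.buckets",
      "max_iterations": 50,
      "email": {
        "to": "{{ctx.payload.key}}",
        "subject": "Access to a project was denied for your account",
        "body": {
          "text": "{{ctx.payload.doc_count}} access attempt(s) by your account were denied in the last 5 minutes. Contact the project owner if you need access."
        }
      }
    }
  }
}
```

Taking the recipient from a structured field populated at ingest, rather than from text inside `message`, keeps whatever an application writes into a log line from deciding where mail is sent. The `throttle_period` and `max_iterations` settings cap how many messages a burst of denied requests can generate.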
