Hi friends
I'm using the ELK suite to analyze log files.
My logs contain a JSON file in every row, which I can correctly extract with grok.
Now I want to count the occurrences.
As a test, I want to count a simple word (for example "debug"), and after this I want to generate an alert when "debug" is present more than 10 times in my document...
I have installed and configured the email plugin for alerts correctly, and I have installed the metric plugin.
Can you help me?
Sorry for my English.
E.A.
Logstash is the wrong place to do this. Have a look at Elastic's own Watcher product or the third-party ElastAlert product.
I want to generate automatic alerts using ELK... is it possible?
I prefer not to use a third-party product.
Where are the Watcher products?
Maybe I can run it in the Kibana dev tool?
Excuse me for my inexperience, but I'm only now starting to use the ELK stack...
Yes, I'm installing X-Pack on Kibana now...
If I have a problem, can I write again in this post?
OK then... I have installed X-Pack on Kibana and Elasticsearch...
I want to test this example:
PUT _xpack/watcher/watch/log_error_watch
{
  "trigger" : {
    "schedule" : { "interval" : "10s" }
  },
  "input" : {
    "search" : {
      "request" : {
        "indices" : [ "logs" ],
        "body" : {
          "query" : {
            "match" : { "message": "error" }
          }
        }
      }
    }
  }
}
Where do I run this "PUT _xpack/watcher/watch/log_error_watch"?
If I have a problem, can I write again in this post?
There's a separate group for X-Pack questions.
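An added example, not part of the original thread or written by any of its posters: a watch that counts log events containing "debug" and sends an email when more than 10 are found, written as a request for the Kibana Dev Tools console. The watch name `debug_count_watch`, the `@timestamp` field, the 5-minute window and the address `ops@example.com` are assumptions; the `logs` index and `message` field come from the example above, and the email action assumes an email account is already configured for Watcher in `elasticsearch.yml`.

```console
# Added example: names, window and recipient are assumptions, adjust to your data.
PUT _xpack/watcher/watch/debug_count_watch
{
  "trigger" : {
    "schedule" : { "interval" : "5m" }
  },
  "input" : {
    "search" : {
      "request" : {
        "indices" : [ "logs" ],
        "body" : {
          "size" : 0,
          "query" : {
            "bool" : {
              "must" : { "match" : { "message" : "debug" } },
              "filter" : {
                "range" : { "@timestamp" : { "gte" : "now-5m" } }
              }
            }
          }
        }
      }
    }
  },
  "condition" : {
    "compare" : { "ctx.payload.hits.total" : { "gt" : 10 } }
  },
  "actions" : {
    "email_ops" : {
      "email" : {
        "to" : "ops@example.com",
        "subject" : "More than 10 debug events in the last 5 minutes",
        "body" : "{{ctx.payload.hits.total}} events in index logs matched \"debug\"."
      }
    }
  }
}
```

The condition compares the number of matching documents (log events), so a single event that contains "debug" several times still counts once.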