Display a gauge from the time of the last received log

Hello, I am beginning in Kibana/ELK.
In a monitoring dashboard, I would like to display an 'alert' if the last received log is becoming old.
The gauge seems to be adapted: green if the last log is newer than 1 minute, then 2, and red if older than 3 minutes.
How do I build the data buckets to get the time between now and the last log received?
Thank you for your help.

UP please

There are multiple ways of doing this.
Easiest one is to use the Math aggregation in TSVB to do a diff between now and the timestamp of the last document.

Another one would be to use a 2-color method, by setting the time picker in the top right to Last 1 minute and having a count of documents. If it's 0, make it red; if it's >=1, keep it green.

Best one would be to just use alerting in order to get a notification if that happens. I suggest the index threshold type since it's perfectly suited for this use case.
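The "diff between now and the timestamp of the last document" can also be checked outside Kibana. The following is an added example, not part of the thread: it assumes the time field is `@timestamp`, reads the question's thresholds as green under 1 minute, yellow under 2, orange under 3 and red otherwise, and uses constructed sample responses in place of a live Elasticsearch reply.

```python
from datetime import datetime, timezone

# Elasticsearch search body: newest @timestamp in the index, no hits returned.
# The field name "@timestamp" is an assumption about the index mapping.
LAST_LOG_QUERY = {
    "size": 0,
    "aggs": {"last_log": {"max": {"field": "@timestamp"}}},
}

# Assumed bands in seconds: <60 green, <120 yellow, <180 orange, else red.
BANDS = [(60, "green"), (120, "yellow"), (180, "orange")]


def last_log_age_seconds(response, now):
    """Seconds between `now` and the newest document, or None if there is none."""
    # A max aggregation on a date field returns epoch milliseconds,
    # or null (None) when no document matched.
    value = response["aggregations"]["last_log"]["value"]
    if value is None:
        return None
    age = now.timestamp() - value / 1000.0
    # A sender whose clock runs ahead gives a negative age; clamp it to zero.
    return max(age, 0.0)


def gauge_colour(age_seconds):
    """Map the age to a gauge colour; a missing timestamp is the worst case."""
    if age_seconds is None:
        return "red"
    for limit, colour in BANDS:
        if age_seconds < limit:
            return colour
    return "red"


# Constructed sample data, shaped like the reply to LAST_LOG_QUERY.
NOW = datetime(2024, 1, 1, 12, 0, 0, tzinfo=timezone.utc)
EMPTY = {"aggregations": {"last_log": {"value": None}}}


def sample(seconds_ago):
    """Build a constructed response whose newest log is `seconds_ago` old."""
    millis = (NOW.timestamp() - seconds_ago) * 1000
    return {"aggregations": {"last_log": {"value": millis}}}


if __name__ == "__main__":
    for name, resp in [("30s", sample(30)), ("150s", sample(150)), ("empty", EMPTY)]:
        print(name, gauge_colour(last_log_age_seconds(resp, NOW)))
```

An empty index is reported as red rather than skipped, so a source that has never sent anything is not shown as healthy.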
