Email notification on ERROR in log

Elastic Stack Elasticsearch
1

Hi frnds,

I have configured, Logstash + redis + indexer + elasticsearch + kibana in
mysetup for logcollection. Using beaver + rsyslog agent to pushlogs to the
logstash. The logs are being collected successfully. What I want to setup
now if the email based alert.

My requirement was If any specific exceptions a JDBC or OutOfMemory
exception for example, an email should be triggered to my emailid.
To achieve that tried multiple options like filter at logstash/indexer
level, shell script to pull from elasticsearch via json query. The filter
option in logstash did not work.

The shell script option worked and I was able to get email with the data
from elasticsearch, however the filter in the json script did not work
somehow and it used to send me the data for entire day(index) rather than
the last 5 minutes.

Not sure if anyone has already tried this and or is this discussed already.

Can anyone help me here. Thanks in advance.

Regards
Prasad Lele

--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/20fed4be-eab1-4cb7-8867-44edce8ba3c6%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

2

Have you tried log4j SMTP appender?

Regarding JDBC exception, I will add a documentation how to set up log4j2

http://logging.apache.org/log4j/2.0/manual/appenders.html#SMTPAppender

in the next version of JDBC river/plugin.

Jörg

On Sat, Oct 11, 2014 at 8:49 AM, Prasad Lele prasad.lele85@gmail.com
wrote:

Hi frnds,

I have configured, Logstash + redis + indexer + elasticsearch + kibana in
mysetup for logcollection. Using beaver + rsyslog agent to pushlogs to the
logstash. The logs are being collected successfully. What I want to setup
now if the email based alert.

My requirement was If any specific exceptions a JDBC or OutOfMemory
exception for example, an email should be triggered to my emailid.
To achieve that tried multiple options like filter at logstash/indexer
level, shell script to pull from elasticsearch via json query. The filter
option in logstash did not work.

The shell script option worked and I was able to get email with the data
from elasticsearch, however the filter in the json script did not work
somehow and it used to send me the data for entire day(index) rather than
the last 5 minutes.

Not sure if anyone has already tried this and or is this discussed
already.

Can anyone help me here. Thanks in advance.

Regards
Prasad Lele

--
You received this message because you are subscribed to the Google Groups
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/20fed4be-eab1-4cb7-8867-44edce8ba3c6%40googlegroups.com
https://groups.google.com/d/msgid/elasticsearch/20fed4be-eab1-4cb7-8867-44edce8ba3c6%40googlegroups.com?utm_medium=email&utm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/CAKdsXoFX2cKQjjDagzAvgpPv3U7aS7KFwsxm8KLxshHJ%2Bcx5QA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.