Get analytics with potential alerts if anomalies detected

O_K · September 16, 2023, 12:38pm

I'm researching options how to get some analytics, for instance, I want to look into ERRORs in log_level column, and if its amount increases drastically, I want to receive an alert. There should be many such cases and it would be preferable to see such details in kibana as well (but not mandatory). I'm thinking to write for this purpose some python app, but a bit struggling regarding starting point. Probably you could guide me from what should I start? Already checked

lib elasticsearch-py
async-searches in elastic Long-running searches | Elasticsearch Guide [8.9] | Elastic
anomaly detection Anomaly detection | Kibana Guide [8.9] | Elastic

Any advice regarding enhanced analytics and alertins would be helpful.

Andrew_Mora · September 16, 2023, 12:56pm

Starting with Python, you can use the Elasticsearch Python library to query and monitor the log data. For enhanced analytics and alerts, consider exploring Elasticsearch's built-in anomaly detection features and integrating Kibana for a comprehensive solution. AC Football Cases

O_K · September 16, 2023, 1:02pm

I need to have free solution, so I guess Elastic anomaly detection solution isn't preferrable

O_K · September 17, 2023, 2:50am

how can I run queries on elastic side with python?

stephenb · September 17, 2023, 3:44am

Perhaps look at this there is a python client for elastic

pestevao · September 17, 2023, 11:20am

Try to see elastalert2 - GitHub - jertel/elastalert2: ElastAlert 2 is a continuation of the original yelp/elastalert project. Pull requests are appreciated!