Guidance setting up Kibana alarms on other cluster's metrics

omora_ando · February 17, 2021, 12:34am

Hello,

We are an Elastic Service Premium subscriber. I have two Deployments setup, for non-prod and prod workloads. Both clusters are using ES 7.9.3.

I followed this documentation to setup a monitoring cluster with ES 7.11.

The non-prod and prod Deployments are writing their logs to the monitoring cluster. Also the monitoring cluster is sending its logs to itself so that daily indices are removed

On the monitoring cluster's Kibana I can go to Stack Monitoring, and I see all three clusters, I can get into each one and see metrics like:

CPU %
JVM Heap,
Disk data among others

Now, I want to setup some alarms on those three metrics, where the Action is sending a notification to Microsoft Teams. I went over this documentation, which seems to be the be the "new-ish" way to setup alarms from Kibana instead of Elasticsearch's Watcher

In Kibana I see some predefined alarms for the metrics I want when I go to Stack Management/Alerts and Actions:

But I can't (and shouldn't) change those. I tried to create my own alarms following these instructions but I don't see the CPU Usage, Disk Usage, Memory JVM Usage metrics.

Any guidance is much appreciated

warkolm · February 17, 2021, 12:41am

It looks like you are a Cloud Platinum customer? If so you can also raise this question with our Support team - https://support.elastic.co/

omora_ando · February 17, 2021, 12:59am

Thanks for the suggestion @warkolm , I opened a support ticket as well.

omora_ando · February 18, 2021, 10:53pm

Ok I heard back from support. I wanted to update this for future generations.

It is possible to add more actions to the default Stack Monitoring Alarms, I was just in the wrong UI. Here is the way to do it:

In Kibana go to Stack Monitoring
Click on the cluster you want to update
Click Enter setup mode in the top left corner
Click on any of the [n] alerts rectangles, drill down to the alert you care about, let's say Resource Utilization/CPU Usage
Click on Edit alert to change the alarm configuration, including adding an Action to post a Message to Microsoft Teams

They mentioned in the next release 7.12 you will be able to update these alarms from the Stack Management/Alerts and Actions screen

system · March 18, 2021, 10:54pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Metrics and Alerts for Elasticsearch Elasticsearch elastic-stack-monitoring	4	438	December 22, 2020
Does Kibana Alerting API also configure Elastic Stack Monitoring Alerts? Kibana elastic-stack-alerting	5	353	June 23, 2021
Install metricbeat agent on all ES nodes in my cluster Beats elastic-stack-monitoring , metricbeat	5	416	June 4, 2019
ES Cloud instance Monotoring and Alerting Kibana elastic-stack-monitoring	4	325	February 8, 2021
Monitoring production cluster with Kibana and Metricbeat Kibana	9	1809	January 16, 2020

Guidance setting up Kibana alarms on other cluster's metrics

Related topics