I need some advice. I am creating a new ELK stack where I am going to store Oracle logs in ES by using Logstash. I would like to get some information: if I use the additional integration tools below, will they be under the free subscription or require a Platinum or Enterprise subscription?
metricbeat module : System, Linux, Oracle
logstash : JDBC ( For Oracle )
filebeat : Oracle logs ( Alert, Listener )
I also tried to create an alert rule from Kibana, but it showed that an additional setting is required to enable it. Do I have to use the X-Pack security feature for that?
With the small caveat that alerting out of the cluster (so not "write to log" or "write to an index" but email, webhook, Slack, PagerDuty,...) is a paid / Elastic Cloud feature.
You can create rules and alerts with the basic license, but as @xeraa mentioned, the actions are limited, you can only send the alert to Kibana Log file or write the alert to an index.
If you need to send those alerts to external targets, there is a third-party tool called ElastAlert2 that is pretty good and covers a lot of limitations that Kibana Alert has.
For example, I manage a platinum licensed cluster and I still need to rely on ElastAlert to trigger some alerts because of Kibana Alert limitations.