I’m looking for a solution to following problem:
In ELK, I have to create an alert which will trigger - when an error field logged for an index is greater than 80% in last 30 mins The field name is status and it takes info and error as values. I need to get the count of these fields for last 15 minutes and calculate percentage of errors based on that
Count of errors/total counts.
Hi @Rahul_Miragi Welcome to the community.
I believe what you are looking for can be created using a logs threshold alert with a ratio. See here
One thing to remember is to configure your log source see here
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.