I have an assignment at hand where we need to migrate from Nagios to ELK. There was an option to monitor the presence of a file in Nagios. Can this be achieved in ELK also?. Metricbeat especially.
I don't think we have anything similar, how do you picture the feature? I would like to understand the problem you try to solve and the best solution for it.
Also please take a look to the new auditd module, as it may be useful to monitor changes to the file from the kernel audit system: https://www.elastic.co/guide/en/beats/metricbeat/master/metricbeat-metricset-audit-kernel.html
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.