I’m looking for a way to alert ourselves when we are either not receiving logs into Logstash or the logs received are not being sent to ES.
I could come up with some O/S ways in Linux, like inotifywait and maybe some bash scripts that could watch a number of ELK files, but I want to know what the best practice is for doing this with the ELK stack.
Ideally I’d like to receive an email alert if no logs have been received or they are not being sent to ES.