i have ingested python logs in Elasticsearch. Sample of my logs given below
[2021-10-01 23:54:39,752] [INFO] [run][MainThread] [xxxxxxxxx] [function_name:line no] : updating user request mapping for the request xxxxxxx
[2021-10-01 23:54:50,021] [ERROR] [run][request_thread] [xxxxxxxxx] [function_name:line no] : Exception occurred.
stacktrace...
......
When my logs contain log level == ERROR i want to send a mail to the pdl with the error adn stacktrace.
This sounds like a great use case for the logs threshold rule: Create a logs threshold rule | Observability Guide [master] | Elastic. You can create this rule and then attach an email action to the rule in order to be notified.
Thanks,
i'm runnign kibana on my localhost:5601, unable to access alerts, it says u need to enable TLS and i'm unable to do it.
Well you will either need to enable Security/ TLS to use alerts or perhaps a very small Elastic Cloud instance. Alerting feature requires Security / TLS to be setup up.
I wrote a step-by-step How To to secure a single Elasticsearch / Kibana on a single host, it should take you about 15 minutes
See Here
Without using the cloud instance, how do i enable Security/TLS in my localhost.. is there any write up on that. Under config folder i have the .p12 file and have enabled following configurations in Elasticsearch.yml file
discovery.type: single-node
# Enable security
xpack.security.enabled: true
# Enable auditing if you want, uncomment
# xpack.security.audit.enabled: true
# SSL Settings
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.keystore.path: elastic-stack-ca.p12
xpack.security.http.ssl.truststore.path: elastic-stack-ca.p12
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: elastic-stack-ca.p12
xpack.security.transport.ssl.truststore.path: elastic-stack-ca.p12
Post all this, i restarted Elasticsearch it just got stuck and it gives me following mesage -
recieved plaintext http traffic on an https channel
In the post above I provided a link to a step by step instructions.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.