Hi Team,
I am using searchguard for alerting purpose. The indices of searchguard are stored in elasticsearch with .signals naming convention. I need to get the alert ID for the alerts. However, i cannot write a search query on hidden indices. Can you please support if there is some way to unhide them or to make a search query on them?
//Ankita
I think you should ask this to the searchguard support as we don't support this 3rd party plugin.
Hi David,
My question is just that if i can convert hidden indices to normal ones?
//Ankita
I have no idea. I don't know this project and if this is possible and what would be the impact...
Can you perhaps put an alias on top of it and use that?
There's a Search Guard forum at https://forum.search-guard.com/ where you could ask, if you don't have a paid for support channel to use.
Hi Team,
Thanks for your support.
I just wanted to check that how is watcher generating the alerts? If i want to raise an alarm for breaching memory threshold and my environment includes 30 hosts, how will watcher generate the alarm?
Will it be single alarm for single host or one alarm for all hosts?
//Ankita
Those questions will probably get more views and hence be more likely to get good answers if you make a new post with an appropriate title.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.