I've set up Metricbeat on some key infrastructure and am logging it all in Elastic, where I'm running ML to look for anomalies. However, if a box goes offline, where it sends no data, I don't believe the watch will trigger anything, but the box being dead is one of the more serious alerts I want to get. Has anyone got any ideas on how I can monitor for this?
A simple and straightforward approach: set up a watch for each monitored machine, look for the messages in the last n minutes and evaluate if the total is zero.
For a more complicated and scalable solution, check the watcher examples from the official repository:
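An added example of the simple per-machine approach described in the reply above (not code from the thread or from the official repository): a watch body that can be stored with `PUT _watcher/watch/<watch_id>`. The host name `web-01.example.internal`, the `metricbeat-*` index pattern, the `host.name` field and the 5-minute window are assumptions to adapt to your deployment.

```json
{
  "metadata": {
    "note": "Assumed values: host name, metricbeat-* index pattern, host.name field, 5m window",
    "monitored_host": "web-01.example.internal"
  },
  "trigger": {
    "schedule": { "interval": "5m" }
  },
  "input": {
    "search": {
      "request": {
        "indices": ["metricbeat-*"],
        "body": {
          "size": 0,
          "query": {
            "bool": {
              "filter": [
                { "term": { "host.name": "web-01.example.internal" } },
                { "range": { "@timestamp": { "gte": "now-5m" } } }
              ]
            }
          }
        }
      }
    }
  },
  "condition": {
    "compare": { "ctx.payload.hits.total": { "eq": 0 } }
  },
  "actions": {
    "log_silent_host": {
      "logging": {
        "level": "warn",
        "text": "No Metricbeat documents from {{ctx.metadata.monitored_host}} in the last 5 minutes"
      }
    }
  }
}
```

Keep the search window several times longer than the Metricbeat collection period so that one delayed batch does not fire the alert. The condition is also true when the index pattern matches nothing or the host name is misspelled, so a newly created watch should be checked against a host that is known to be reporting.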