Attempting to put together a flowchart of our ELK workflow for troubleshooting. At what point does Alerting possibly break or stop working? Will alerts stop if the Kibana GUI or service is down? Or, does the Elasticsearch service have to be down for Alerting to stop? Currently, all our alerts have been built through the Kibana GUI. Thanks.
Hi @TXBigDawg1836, alerting rules run within the Kibana process against Elasticsearch indices. For alerting rules to run, you will need both Kibana and Elasticsearch to be up and running. Either of them down will stop rules.
@mikecote Thanks for the quick response. That's what I was thinking as well but it's nice to have confirmation.