The solutions I've seen for things like this in ELK are usually along the lines of using logstash to reparse the logs in ES and use some output (e-mail, nagios, Zabbix) to do the alerting.
For now I've stuck with using OSSEC (www.ossec.net) to do my alerting and "just" use ELK for log analysis.

On Monday, June 23, 2014 5:50:22 AM UTC-3, Siddharth Trikha wrote:
>
> We are using the `ELK stack (logstash, elasticsearch, kibana)` to analyze
> our logs. So far, so good.
>
> But now we want notification generation on some particular kind of logs.
> E.g., when a login-failed log comes more than 5 times (threshold crossed), an
> email is to be sent to the sysadmin.
>
> I looked up online and heard about `statsd`, `riemann`, `nagios`, `metric`
> filter (logstash) to achieve our requirement.
>
> Can anyone suggest which fits best with the ELK stack? I am new to this.
> Thanks
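
The threshold rule asked about in the quoted question (alert when login failures come more than 5 times), sketched as an added example that is not part of the thread or of any tool named in it. The sshd-style log format, the grouping by source IP, and the 5-minute sliding window are assumptions; delivery of the alert (e-mail, nagios, Zabbix) is left to the caller.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed line format: "<ISO time> <host> sshd[pid]: Failed password for <user> from <ip> ..."
FAILED = re.compile(
    r"^(\S+) \S+ sshd\[\d+\]: Failed password for (?:invalid user )?(\S+) from (\S+)")

def failed_login_alerts(lines, threshold=5, window=timedelta(minutes=5)):
    """Return one (time, source_ip, count) alert each time a source goes
    above `threshold` failed logins inside a sliding `window`."""
    recent = defaultdict(deque)   # source IP -> timestamps of recent failures
    alerted = set()               # sources currently above the threshold
    alerts = []
    for line in lines:
        m = FAILED.match(line)
        if not m:
            continue              # successful logins and unrelated lines
        ts, src = datetime.fromisoformat(m.group(1)), m.group(3)
        q = recent[src]
        q.append(ts)
        while ts - q[0] > window:         # drop failures older than the window
            q.popleft()
        if len(q) > threshold:
            if src not in alerted:        # alert once per burst, not per event
                alerted.add(src)
                alerts.append((ts, src, len(q)))
        else:
            alerted.discard(src)          # re-arm once the burst has aged out
    return alerts

def sample_lines():
    """Constructed log lines (not taken from the thread)."""
    fail = ("2014-06-23T08:{:02d}:{:02d} web01 sshd[411]: "
            "Failed password for root from {} port 50222 ssh2")
    lines = [fail.format(0, s, "192.0.2.10") for s in range(0, 35, 5)]     # 7 in 30 s
    lines += [fail.format(m, 0, "198.51.100.7") for m in range(1, 50, 8)]  # slow, spread out
    lines += [fail.format(30, s, "192.0.2.10") for s in range(0, 12, 2)]   # later burst of 6
    lines.append("2014-06-23T08:01:00 web01 sshd[412]: "
                 "Accepted password for alice from 192.0.2.20 port 50300 ssh2")
    return sorted(lines)

if __name__ == "__main__":
    for when, src, count in failed_login_alerts(sample_lines()):
        print(f"ALERT {when.isoformat()} {src}: {count} failed logins in 5 min")
```

The `alerted` set is what keeps a sustained burst from generating one notification per log line, which matters once the output is an e-mail to the sysadmin.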
