We have and use SPM <http://sematext.com/spm/> for all our metrics (ES, 
Kafka, Apache, MySQL, Hadoop, everything) and we feed our logs to Logsene 
<http://sematext.com/logsene/> (it has a Kibana UI and a "native" UI).  SPM 
has alerting and anomaly detection, so we use that to get out of bed early 
(nah, not really), but we currently lack alerting in Logsene (i.e. alerting 
on numerical data in logs or on patterns).  Since Logsene has Kibana UI and 
can be fed via Logstash and has an Elasticsearch API and backend, that's 
the closest we've gotten to ELK+Alerts.

Otis
--
Performance Monitoring * Log Analytics * Search Analytics
Solr & Elasticsearch Support * http://sematext.com/



On Wednesday, June 25, 2014 11:18:01 AM UTC-4, Michael Hart wrote:
>
> We use Nagios for alerting. I originally was using the nsca output plugin 
> for logstash, but found that it took close to a second to execute the 
> command line nsca client, and if we got flooded with alert messages, 
> logstash would fall behind. I've since switched to use the http output and 
> send json to the nagios-api server (https://github.com/zorkian/nagios-api). 
> That seems to scale a lot better.
>
> We do also have metrics sent from logstash to statsd/graphite, but mostly 
> so I can see message rates.
>
> mike
>
> On Monday, June 23, 2014 4:50:22 AM UTC-4, Siddharth Trikha wrote:
>>
>> We are using the `ELK stack (logstash, elasticsearch, kibana)` to analyze 
>> our logs. So far, so good.
>>
>> But now we want notification generation on some particular kinds of logs. 
>> E.g., when a login-failed log comes more than 5 times (threshold crossed), an 
>> email is to be sent to the sysadmin.
>>
>> I looked up online and heard about `statsd`, `riemann`, `nagios`, 
>> `metric` filter (logstash) to achieve our requirement. 
>>
>> Can anyone suggest which fits best with the ELK stack? I am new to this. 
>> Thanks
>>
>
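
The threshold rule from the original question (more than 5 failed-login lines, then notify), shown as an added example that is not from any poster in this thread or from the ELK, Nagios or Sematext projects. The log format, the 60-second window, per-user grouping, time-ordered input and all function names are assumptions; repeats within one burst are suppressed so a flood of matching lines produces a single notification.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed log format (constructed for this example): "<ISO time> login failed user=<name> src=<ip>"
LINE_RE = re.compile(r"^(\S+) login failed user=(\S+) src=(\S+)$")
THRESHOLD = 5                      # from the question: alert on "more than 5" failures
WINDOW = timedelta(seconds=60)     # assumption: the thread does not state a time window

def detect(lines, threshold=THRESHOLD, window=WINDOW):
    """Return one alert per user per burst once failures in the window exceed threshold."""
    recent = defaultdict(deque)    # user -> timestamps of failures still inside the window
    alerting = set()               # users already alerted for the current burst
    alerts = []
    for line in lines:             # assumes lines arrive in time order
        m = LINE_RE.match(line.strip())
        if not m:
            continue               # not a failed-login line
        ts = datetime.fromisoformat(m.group(1))
        user, src = m.group(2), m.group(3)
        q = recent[user]
        q.append(ts)
        while q and ts - q[0] > window:
            q.popleft()            # drop failures that fell out of the window
        if len(q) > threshold:
            if user not in alerting:   # suppress repeats so a flood yields one alert
                alerting.add(user)
                alerts.append({"user": user, "count": len(q), "last_src": src, "at": ts.isoformat()})
        else:
            alerting.discard(user)     # burst is over; re-arm for the next one
    return alerts

def sample_lines():
    """Constructed sample: 8 rapid failures for alice, 3 slow ones for bob, one unrelated line."""
    base = datetime(2014, 6, 23, 8, 0, 0)
    out = [f"{(base + timedelta(seconds=5 * i)).isoformat()} login failed user=alice src=192.0.2.10"
           for i in range(8)]
    out += [f"{(base + timedelta(minutes=10 * i)).isoformat()} login failed user=bob src=192.0.2.20"
            for i in range(3)]
    out.append(f"{base.isoformat()} login ok user=carol src=192.0.2.30")
    return out

if __name__ == "__main__":
    for alert in detect(sample_lines()):
        print(alert)   # each dict is what would be handed to the mailer or alerting API
```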
