I am trying to use Elasticsearch as a 2nd log output storage, to analyze some info in logs. In this case, alert triggers would be very useful. I read through the docs talking about the percolator and I think this should be the way to do it. But after some trying, I found that I don't really get how the percolator works. It seems that if I use the REST API to index a document with a percolator already set up, it will return whether that document matches the percolator query or not. For my case, I use Logstash as input, which of course doesn't have this kind of feedback. And a "count" appears to be accessible from REST that I can use to get this kind of "feedback" from the percolator, but I can find it nowhere.
Could someone give me an idea about how I can achieve this kind of feature with Elasticsearch? I know I have ways to trigger an alert in Logstash, but for my case Logstash is a temporary tool to input the data; I could possibly not use it in the future. I also noticed that Graylog has a kind of alert: when the input event matches some keywords, the alarm will trigger. I guess it also uses some percolator APIs, but I wish to know how I can do this with Elasticsearch alone. Thanks a lot.