ELK堆栈中的日志不活动监视
[英]Log inactivity monitoring in ELK stack
问题描述
I am configuring an ELK stack server with filebeat which monitors log files and sends to log stash. 
我正在配置带有filebeat的ELK堆栈服务器,该服务器监视日志文件并发送到日志存储。 Is it possible to configure an alerting mechanism either at filbeat or log stash level such that we get alert in case the logs being monitored are no longer being written into. 是否可以在filbeat或日志存储级别配置警报机制,以便在不再写入要监视的日志时得到警报。
1 个解决方案
解决方案1
0 2016-05-22 10:40:40
Filebeat and Logstash are event oriented so they can't tell you when data is not being shipped since nothing is being triggered. Filebeat和Logstash是面向事件的,因此由于什么都没有触发,因此它们无法告诉您何时不发送数据。 For this you would probably need to purchase the Elastic Watcher alerting mechanism or use services like Logz.io who also offer an alerting mechanism. 为此,您可能需要购买Elastic Watcher警报机制或使用Logz.io之类的服务,该服务也提供警报机制。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.