It only takes a few minutes to add alerting to any of your Logit ELK stacks. Once enabled, you'll be able to edit and set up alerting rules for all your stacks.

Provision Alerting for a Stack

When you login your stacks are displayed on the dashboard. To enable alerting for a stack, choose 'View Stack Settings'.

Next, choose 'Alerting & Notifications' and then choose 'Setup alerting for this Stack'

Create your Alerting Rule

Use the code block below to quickly get started with your Pagerduty alert.

name: Production App Errors

type: any

# (Required)
# Index to search, wildcard supported

index: logstash-*

## Receive an alert for every single match

realert:
  minutes: 0

# (Required)
# A list of elasticsearch filters used for find events
# These filters are joined with AND and nested in a filtered query

filter:
- query:
    query_string:
      query: "type: error"

# (Required)
# The alert used when a match is found

alert:
- "pagerduty"

# Integration Key generated by PagerDuty
pagerduty_service_key: your_pagerduty_service_key

# The name of the monitoring client that is triggering this event
pagerduty_client_name: your_pagerduty_client_name

How to use the code

  1. Paste the code into the alert replacing any existing rule.

  2. Then just edit the code to match the filter query you need, in this case we are looking for matches on "type:error".

  3. Choose test to run the rule against your data over the last 24hrs.

  4. Once happy, choose update to apply and save the rule.

Now you're all set to send Pagerduty alerts from Logit.

What's next?

Did this answer your question?