It only takes a few minutes to add alerting to any of your Logit ELK stacks. Once enabled, you'll be able to edit and set up alerting rules for all your stacks.
Provision Alerting for a Stack
When you login your stacks are displayed on the dashboard. To enable alerting for a stack, choose 'View Stack Settings'.
Next, choose 'Alerting & Notifications' and then choose 'Setup alerting for this Stack'
Create your Alerting Rule
Use the code block below to quickly get started with your Pagerduty alert.
name: Production App Errors
type: any
# (Required)
# Index to search, wildcard supported
index: logstash-*
## Receive an alert for every single match
realert:
minutes: 0
# (Required)
# A list of elasticsearch filters used for find events
# These filters are joined with AND and nested in a filtered query
filter:
- query:
query_string:
query: "type: error"
# (Required)
# The alert used when a match is found
alert:
- "pagerduty"
# Integration Key generated by PagerDuty
pagerduty_service_key: your_pagerduty_service_key
# The name of the monitoring client that is triggering this event
pagerduty_client_name: your_pagerduty_client_name
How to use the code
Paste the code into the alert replacing any existing rule.
Then just edit the code to match the filter query you need, in this case we are looking for matches on "type:error".
Choose test to run the rule against your data over the last 2 hrs.
Once happy, choose update to apply and save the rule.
Now you're all set to send Pagerduty alerts from Logit.
What's next?
Learn more about ElastAlert rules: if you'd like to learn more about ElastAlert rules from the people that built it, check out their cheat sheet.
Read Logit's introduction to alerting
Learn how to send alerts to Email from your Logit stacks.
Learn how to send alerts to Slack from your Logit stacks.