Logit.io

A Spike alert matches when the volume of events during a given time period is larger or smaller based on <code>spike_height</code> than during the previous time period <code>timeframe</code>.

This would allow you to receive alerts in scenarios such as if there is 3 times spike up based on a ratio value <code>spike_height</code> in the number of events matching the <code>filter</code> query, when compared to the previous time window for events <code>timeframe</code>. Here is an example below:

name: "Spike example alert" type: spike index: "*-*" timeframe: hours: 2 spike_height: 3 spike_type: "up" - query: query_string: query: "router.status: [500 TO 599]" alert: - "email" email: - "example@logit.io"

In addition, you can also provide a <code>threshold_cur</code> value that allows you to configure the minimum number of events that must exist in the current window for an alert to be fired.

Read Logit.io's <a href="https://help.logit.io/en/articles/3624510-an-introduction-to-alerting">introduction to alerting</a>

Learn <a href="https://help.logit.io/en/articles/3622196-how-do-i-create-a-new-elastalert-rule">how to create an ElastAlert rule</a>

Learn <a href="https://help.logit.io/en/articles/3633552-how-can-i-check-my-elastalert-rule-is-configured-correctly">how to ensure my ElastAlert rule is configured correctly</a>

Learn more about ElastAlert rules: if you'd like to learn more about ElastAlert rules from the people that built it, check out their <a href="https://elastalert.readthedocs.io/en/latest/ruletypes.html" rel="nofollow noopener noreferrer" target="_blank">cheat sheet</a>.

- Read Logit.io's <a href="https://help.logit.io/en/articles/3624510-an-introduction-to-alerting">introduction to alerting</a>
- Learn <a href="https://help.logit.io/en/articles/3622196-how-do-i-create-a-new-elastalert-rule">how to create an ElastAlert rule</a>
- Learn <a href="https://help.logit.io/en/articles/3633552-how-can-i-check-my-elastalert-rule-is-configured-correctly">how to ensure my ElastAlert rule is configured correctly</a>
- Learn more about ElastAlert rules: if you'd like to learn more about ElastAlert rules from the people that built it, check out their <a href="https://elastalert.readthedocs.io/en/latest/ruletypes.html" rel="nofollow noopener noreferrer" target="_blank">cheat sheet</a>.

Find out more about how to create a spike alert for your OpenSearch logs or metrics in this article from Logit.io.

Additional Options

What's next?