Alerting via Watcher

Get Notified So You Don't Miss A Thing

CPU usage is unexpectedly increasing. Application response time is spiking. 503 errors are skyrocketing. Elasticsearch indexing rate has plummeted. But you're on top of it before anyone notices because X-Pack keeps you in the know with the alerts you need.

Set your first alert with this X-Pack intro.
New Conditional actions! Trigger different actions based on the severity of the results (e.g., email first, then Slack, then PagerDuty).

Detect Changes in Your Data

The alerting features in X-Pack give you the full power of the Elasticsearch query language to identify changes in your data that are interesting to you.

In other words, if you can query something in Elasticsearch, you can alert on it. For instance, you can be notified when:

Intrusion

The same user logged in from 3 different locations within an hour, so you can proactively address possible intrusion attempts.

Trending

#YourProduct is trending on social media, and you need to prepare to meet the demand.

Bionic Leg

A component of a bionic leg is nearing its end of life and it's time to replace it so the six-million-dollar woman can keep running.

Credit Card

Credit card numbers are visible in your application logs and that's a compliance nightmare. It's time to talk with the application team.

Indexing Rate

Your Elasticsearch indexing rate has plummeted due to changes in your web server log file location, so you know to update your Filebeat configuration.

Get Notified, Your Way

How would you like to be notified? Pick from many alerting options with built-in integrations for email, PagerDuty, Slack, and HipChat. It also comes with a powerful webhook output for integration with your existing monitoring infrastructure or any third-party system.

It's also configurable to include relevant information from your search in the notification and ships with simple template support.

Learn from Your Alert History

X-Pack stores a complete history of all alert executions in Elasticsearch for easy tracking and visualization in Kibana. Are my alerts executing? How often are my conditions being met? What actions were taken? Your alert history also enables nested alerts.

Install Alerting for the Elastic Stack

Now, you try. Set your first alert and then wait for it...wait for it…