
Elasticsearch

The Elasticsearch app helps you monitor the availability, performance, health, and resource utilization of your Elasticsearch clusters.

The Elasticsearch app is a unified logs and metrics app that helps you monitor the availability, performance, health, and resource utilization of your Elasticsearch clusters. Preconfigured dashboards provide insight into cluster health, resource utilization, sharding, garbage collection, and search, index, and cache performance.

Sample Log Message

Kubernetes:

{
type:"server",
timestamp:"2021-07-12T05:12:07,101+0000",
level:"WARN",
component:"o.e.c.NodeConnectionsService",
cluster.name:"elasticsearch",
node.name:"elasticsearch-master-0",
cluster.uuid:"pQ372ZkIQiaHkSVp6hlxZw",
node.id:"7PdqQlHYRjqbzClkTeoVdA",
message:"failed to connect to {elasticsearch-master-1}{OfUoMAwoRoKr2sAlYAYuEA}{RnYfI0DUT9uqtF4h5aVDQg}{10.42.1.143}{10.42.1.143:9300}{dim}{ml.machine_memory=2147483648, ml.max_open_jobs=20, xpack.installed=true} (tried [1] times)"
}

Non-Kubernetes:

{"type": "server", "timestamp": "2021-07-12T11:42:25,862+07:00", "level": "INFO", "component": "o.e.x.s.a.s.FileRolesStore", "cluster.name": "elasticsearch", "node.name": "v103-157-218-134.3stech.vn", "message": "parsed [0] roles from file [/etc/elasticsearch/roles.yml]" }
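
The following sketch is an added example, not part of the Elasticsearch app or the original page. It parses server log lines in the format shown above, normalizes both timestamp styles to UTC, and extracts the unreachable peer from NodeConnectionsService warnings. The function names and the positional reading of the braced node descriptor (first group as node name, fifth as transport address) are assumptions based on the sample message.

```python
import json
import re
from datetime import datetime, timezone

# Constructed input: the two sample events above, re-serialised as strict JSON lines.
SAMPLE_LINES = [
    '{"type": "server", "timestamp": "2021-07-12T05:12:07,101+0000", "level": "WARN", '
    '"component": "o.e.c.NodeConnectionsService", "cluster.name": "elasticsearch", '
    '"node.name": "elasticsearch-master-0", "message": "failed to connect to '
    '{elasticsearch-master-1}{OfUoMAwoRoKr2sAlYAYuEA}{RnYfI0DUT9uqtF4h5aVDQg}{10.42.1.143}'
    '{10.42.1.143:9300}{dim}{ml.machine_memory=2147483648, ml.max_open_jobs=20, '
    'xpack.installed=true} (tried [1] times)"}',
    '{"type": "server", "timestamp": "2021-07-12T11:42:25,862+07:00", "level": "INFO", '
    '"component": "o.e.x.s.a.s.FileRolesStore", "cluster.name": "elasticsearch", '
    '"node.name": "v103-157-218-134.3stech.vn", '
    '"message": "parsed [0] roles from file [/etc/elasticsearch/roles.yml]"}',
]
CONNECT_FAIL = re.compile(r"^failed to connect to ((?:\{[^{}]*\})+) \(tried \[(\d+)\] times\)$")

def parse_event(line):
    """Decode one JSON log line and add a UTC timestamp (comma millis, +0000 or +07:00)."""
    ev = json.loads(line)
    ts = datetime.strptime(ev["timestamp"], "%Y-%m-%dT%H:%M:%S,%f%z")
    ev["timestamp_utc"] = ts.astimezone(timezone.utc).isoformat(timespec="milliseconds")
    return ev

def connection_failure(ev):
    """Return peer details for a node-connection warning, or None for other events."""
    if ev.get("component") != "o.e.c.NodeConnectionsService":
        return None
    m = CONNECT_FAIL.match(ev.get("message", ""))
    parts = re.findall(r"\{([^{}]*)\}", m.group(1)) if m else []
    if len(parts) < 5:  # descriptor shorter than the sample: do not guess positions
        return None
    return {"reporter": ev.get("node.name"), "peer": parts[0], "peer_address": parts[4],
            "attempts": int(m.group(2)), "at": ev["timestamp_utc"]}

def summarize(lines):
    """Return (connection failures, count of lines that could not be parsed)."""
    failures, skipped = [], 0
    for line in lines:
        try:
            hit = connection_failure(parse_event(line))
        except (ValueError, KeyError, TypeError):  # bad JSON, bad or missing timestamp
            skipped += 1
            continue
        if hit:
            failures.append(hit)
    return failures, skipped

if __name__ == "__main__":
    print(summarize(SAMPLE_LINES))
```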