Elasticsearch Alerts
Sumo Logic provides out-of-the-box alerts, available via Sumo Logic monitors, to help you quickly determine whether the Elasticsearch database cluster is available and performing as expected.
Alert Type (Metrics/Logs) | Alert Name | Alert Description | Trigger Type (Critical / Warning) | Alert Condition | Recover Condition |
---|---|---|---|---|---|
Metrics | Elasticsearch - Cluster Red | This alert fires when the Elasticsearch cluster status is RED | Critical | >=3 | <3 |
Metrics | Elasticsearch - Cluster Yellow | This alert fires when the Elasticsearch cluster status is YELLOW | Warning | >=2 | <2 |
Metrics | Elasticsearch - Disk Out of Space | This alert fires when the disk usage is over 90% | Critical | >90 | <=90 |
Metrics | Elasticsearch - Disk Space Low | This alert fires when the disk usage is over 80% | Warning | >80 | <=80 |
Metrics | Elasticsearch - Healthy Data Nodes | This alert fires when there is a missing data node in the Elasticsearch cluster | Critical | <3 | >=3 |
Metrics | Elasticsearch - Healthy Nodes | This alert fires when there is a missing node in the Elasticsearch cluster | Critical | <3 | >=3 |
Metrics | Elasticsearch - Heap Usage Too High | This alert fires when the heap usage is over 90% | Critical | >90 | <=90 |
Metrics | Elasticsearch - Heap Usage Warning | This alert fires when the heap usage is over 80% | Warning | >80 | <=80 |
Metrics | Elasticsearch - Initializing Shards Too Long | This alert fires when Elasticsearch has been initializing shards for 5 minutes | Warning | >0 | <=0 |
Metrics | Elasticsearch - Pending Tasks | This alert fires when Elasticsearch has pending tasks | Warning | >0 | <=0 |
Metrics | Elasticsearch - Relocating Shards Too Long | This alert fires when Elasticsearch has been relocating shards for 5 minutes | Warning | >0 | <=0 |
Metrics | Elasticsearch - Unassigned Shards | This alert fires when Elasticsearch has unassigned shards | Critical | >0 | <=0 |
Logs | Elasticsearch - Query Time Too Slow | This alert fires when queries are slow to execute | Critical | >0 | <=0 |
Logs | Elasticsearch - Query Time Slow | This alert fires when query time is greater than 5 ms | Warning | >0 | <=0 |
Logs | Elasticsearch - Too Many Slow Query | This alert fires when there are too many slow queries in 5 minutes | Warning | >100 | <=100 |
Logs | Elasticsearch - Error Log Too Many | Error Log Too Many | Critical | >1000 | <=1000 |