Open Distro for Elasticsearch

Alerting

Monitor and receive alerts on your data

Easily create monitors

With Open Distro for Elastisearch, you can easily create monitors using the Kibana UI with a simple visual editor or with an Elasticsearch query. This gives you the flexibility to query the data most interesting to you and receive alerts on it. For instance, if you are ingesting access logs, you can choose to be notified when the same user logs in from multiple locations within an hour, enabling you to proactively address possible intrusion attempts.

Customize multiple alert conditions

Trigger conditions allow you to define the alerting threshold and severity. Each monitor can have multiple trigger conditions, enabling you to query the data once and generate the appropriate action. Triggers, like monitors, are highly customizable and can be created using a simple visual editor or Painless scripts.

Get notified

Open Distro for Elasticsearch provides multiple alerting options with built-in integrations for webhook and Slack. Webhook support integrates with your existing monitoring infrastructure or any third-party system. You can format alerts using Mustache to embed relevant information in the notifications to ensure your team knows what to do when they get them.

View your alerts

Join our community of developers in advancing the future of Alerting