A Journey of a Thousand Miles Begins with a Single Step

Distribute Watches in Elasticsearch

X-Pack Alerting, aka Elasticsearch Watcher, can run distributed in an Elasticsearch cluster.


Run metricbeat as docker container

Metricbeat, run as a Docker container, is a decent solution for monitoring other Docker containers in conjunction with Elasticsearch and Kibana. Additionally, Metricbeat can monitor the Docker system itself. You might run into some problems, which I would like to share.


Run Kafka Manager behind a proxy

I have to ramp up an Apache Kafka cluster for each of two data centers. Maintaining the clusters with the Kafka Manager GUI by Yahoo is pretty comfortable. Since both data centers are protected by a firewall, a web proxy must forward it for my remote access.


Monitor Kibana queries with Packetbeat

If you are using X-Pack Monitoring, you have a good overview of your Kibana performance. Sometimes it is necessary to know more. Packetbeat can monitor the HTTP traffic between Kibana and the Elasticsearch node.


Dashboard with id x not found

X-Pack Reporting allows you to automate and generate daily reports on pre-existing dashboards or visualizations in Kibana. To keep security tight, I have created a reporting user. The first run with the reporting user presented me with a mystery. Reporting complained: "Dashboard with id 'AWLOnWVZLaWygeBEGxLJ' not found". I did some digging and found the reason, which I am going to elaborate on in this post.


Using Proxy for Python on Windows

Using Python on Windows is not my first choice, but if you have to, here are some recipes for using pip behind a proxy. This post assumes that you are running CNTLM as your proxy.


Check active users

top gives you information about active users on a Linux server system.


Watch Zombie Processes on Linux

On Unix and Unix-like computer operating systems, a zombie process or defunct process is a process that has completed execution (via the exit system call) but still has an entry in the process table: it is a process in the “Terminated state”.


HTTP Input for Elasticsearch Watcher

Elasticsearch X-Pack Alerting, aka Watcher, offers the capability to alert on specific events or constellations in the Elasticsearch data. Watcher can retrieve data from the cluster where it runs (on the master node), or fetch data from RESTful web services via the http input. If you have a production cluster, you should preferably report the monitoring data to a dedicated Elasticsearch monitoring cluster. This monitoring cluster can also run watches. The watch I am going to introduce is the cluster health watch.
