Created
November 5, 2020 14:23
-
-
Save sourabh-agrawal/89f842b5f61f48a1985b4d23be7e4084 to your computer and use it in GitHub Desktop.
Monitor kafka cluster with elastalert. Get slack alert when your kafka data disk is about to get full(>=90%)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
index: metricbeat-live* | |
description: "This alert is fired when disk at /kafka has usage in between 90-100%" | |
name: central-kafka-disk-critical | |
type: any | |
alert: slack | |
realert: | |
hours: 2 | |
# I am monitoring via BrokerId | |
query_key: tags_hash.id | |
doc_type: _doc | |
# I have indexed my cluster info like application, cluster_name in tags_hash | |
filter: | |
- query: | |
query_string: | |
query: 'tags_hash.cluster: central AND tags_hash.application: kafka AND metricset.name: filesystem AND system.filesystem.mount_point: "/kafka"' | |
- query: | |
range: | |
"system.filesystem.used.pct": | |
"gte": 0.90 | |
"lte": 1.00 | |
# alert on slack | |
alert_text_type: alert_text_only | |
include: ["system.filesystem.used.pct", "system.filesystem.mount_point", "host.name", "tags_hash.id", "tags_hash.cluster", "tags_hash.application"] | |
slack_webhook_url: "<paste_your_slack_webhook_url>" | |
slack_text_string: ":WARNING::mega: Disk usage alert :boom::fire:" | |
alert_text: "*Used %*\t\t\t:\t{0}\n | |
*MountPoint*\t:\t{1}\n | |
*Host*\t\t\t\t:\t{2}\n | |
*BrokerId*\t\t :\t{3}\n | |
*Cluster*\t\t\t:\t{4}\n | |
*Application*\t :\t{5}\n\n | |
_This alert is fired when used disk space is in between 90-100%_" | |
alert_text_args: ["system.filesystem.used.pct", "system.filesystem.mount_point", "host.name", "tags_hash.id", "tags_hash.cluster", "tags_hash.application"] | |
slack_emoji_override: ":yoda:" | |
# Available colors: good, warning, danger | |
slack_msg_color: 'danger' |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
good job