There are multiple add-ons that can help you monitor your Elastic Search cluster health. We are addicted to the kopf/cerebro plugins which let us understand easily the current state of the cluster. But the drawback of such a plugin is that it does not keep track of what is happening when it is not running.

An easy solution is to use the powerful elastic API in order to get the cluster statistics and re inject them into the cluster itself. We can then use Kibana to display the tendencies of each value we want to monitor.

Connecting to ELK using python is easy using the ElasticSearch driver.

from elasticsearch import Elasticsearch

es = Elasticsearch(hosts=[127.0.0.1:9200])

Once the connection established, two functions return details about the cluster.

health=es.cluster.health()
stats=es.nodes.stats()

The first one returns high level information about the cluster. The second one is more interesting and returns statistics of each node of the cluster.

Once the data retrieved, it can be simply indexed via the bulk function of the driver.

es.bulk(body=bulk_body)

The full code can be downloaded here.

This is of course easier way to run it via docker. (Container here)

Using Kibana to display the values

The next step is to build a Kibana dashboard using the new index.

ELKStatistics.jpg

or timelion using requests such as:

.es(index='elastic_stat*',metric='avg:docs').yaxis(2).derivative().bars(),.es(index='elastic_stat*',metric='avg:jvm_mem_heap_used_percent'),.es(index='elastic_stat*',metric='avg:cpu_percent').movingaverage(10)

timelion.jpg

Docker-Compose integration example:

#COMPOSE ELK5
version: '2'
services:
##############################
  elasticsupervisor:
    image: snuids/elasticsupervisor:v0.1f
    container_name: elasticsupervisor
    links:
      - esnode1
    environment:
      - ELASTIC_ADDRESS=esnode1:9200
      - PYTHONUNBUFFERED=0
    restart: always

##############################
  cerebro:
    image: snuids/cerebro:v0.3.1
    container_name: cerebro
    ports:
      - 9000:9000
    links:
      - esnode1

##############################
  esnode1:
    image: elasticsearch:5
    environment:
      - ES_JAVA_OPTS=-Xmx1g -Xms1g
    ports:
      - "9201:9200"
      - "9301:9300"
    container_name: esnode1


##############################
  kibana:
    image: snuids/kibana5withextravisus:v5.0.0
    ports:
      - "5601:5601"
    environment:
      - ELASTICSEARCH_URL=http://esnode1:9200
    container_name: kibana
    links:
      - esnode1

Part 2 here.