ElastAlert is a very nice package that can be installed on top of the ELK stack. It is a free replacement of the X Pack watcher product.  The basic idea of the package is to use rules defined as yaml file in order to describe each alerting rule. You will find a nice introduction of the package possibilities here.

Continue reading “Using ElastAlert”