Chapter 8: Watcher

  • One of the X-Pack features
  • Encourages integration and automation for a wide range of use-cases:
    • Monitor your infrastructure
    • Track network activity
    • Monitor health of Elasticsearch cluster/node/index
  • Gives you the power of the Elasticsearch DSL to identify changes in your data
  • Create notifications when:
    • The same user logs in from 4 dispersed geographical locations in 10 min
    • Frequency of requests for a single IP address spikes 1,000% in the last hour
    • The Elasticsearch cluster is experiencing an increased exception rate in the logs
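
The first notification case above, written as a watch definition (the request body for Watcher's put-watch API). This is an added example, not part of the original chapter. The index pattern auth-logs-*, the ECS-style field names, the one-minute schedule and the use of country code as the unit of "location" are all assumptions.

```json
{
  "metadata": { "note": "Added example; index pattern and field names are assumptions" },
  "trigger": { "schedule": { "interval": "1m" } },
  "input": {
    "search": {
      "request": {
        "indices": ["auth-logs-*"],
        "body": {
          "size": 0,
          "query": { "bool": { "filter": [
            { "term": { "event.category": "authentication" } },
            { "term": { "event.outcome": "success" } },
            { "range": { "@timestamp": { "gte": "now-10m" } } }
          ] } },
          "aggs": {
            "users": {
              "terms": { "field": "user.name", "size": 1000 },
              "aggs": {
                "locations": { "cardinality": { "field": "source.geo.country_iso_code" } },
                "four_or_more": { "bucket_selector": {
                  "buckets_path": { "n": "locations" },
                  "script": "params.n >= 4"
                } }
              }
            }
          }
        }
      }
    }
  },
  "condition": { "script": {
    "source": "return ctx.payload.aggregations.users.buckets.size() > 0"
  } },
  "actions": { "log_hit": { "logging": {
    "text": "Logins from 4+ countries in 10 min: {{#ctx.payload.aggregations.users.buckets}}{{key}} {{/ctx.payload.aggregations.users.buckets}}"
  } } }
}
```

The terms aggregation only inspects the 1000 users with the most logins in the window, and cardinality is an approximate count, so size the aggregation to the environment and treat a hit as a lead to investigate rather than a verdict.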

