I want to know when Graylog server / nodes experience problems. I can see that in UI, but I don’t want to check UI every day. Is it possible to configure Graylog to send Email notifications about system errors for events like:
Journal is full, dropping messages
Elastic is in read-only state
Inputs are throttled
etc
I tried to search for these logs/event in All Logs, or All Event, but could not find any of the recent failures that I’ve had to deal with. Any suggestions? Is it not supported? Does it require configuring a Beat that would collect Graylog logs from its own sever?
Thanks @gsmith. Do you mean I need Prometheus metrics exposed in Graylog to make it alert on itself or I need to configure Prometheus to alert on Graylog? We don’t have yet monitoring and alerting infra setup so I was hoping I could get his directly from Graylog.
Graylog is not a monitoring-tool like icinga, Checkmk, Prometheus etc. It’s a tool for log management, which can be used like a SIEM. Graylog looks more what happens based on logs from system then how the system behaves in therms of CPU, RAM, HDD, processed etc.
Sure, but it does report issues on its own UI and it does cave capabilities to sent email notification. It would’ve been nice if it has an option not just report these issues on UI but also send email notifications about them. I mean, I was curious if it has such option. The answer is no.
