How to send Email Notification when Graylog journal utilization is high?

AhmedAdel · January 1, 2019, 10:06am

How to send Email Notification in these cases?:

GrayLog Journal Utilization is high.
specific source producing too much messages.
specific server has high CPU utilization.

thanks in advance.

macko003 · January 2, 2019, 8:38pm

If you want to monitor your graylog server, use a monitoring system.
It can handle all of your needs.

AhmedAdel · January 3, 2019, 10:11am

could you kindly recommend one?

maniel · January 3, 2019, 10:18am

i monitor my graylog with telegraf+influxdb+grafana stack, telegraf pulls metrics from grasylog via REST API, puts it in influxdb and grafana does the job of visualizing and alerting, there are a lot of pre-made dashboards for grafana, including graylog ones, mine looks like this:

you can set alerts per graph, there are various notification channels available:

i use telegram and email

Totally_Not_A_Robot · January 3, 2019, 10:28am

That’s assuming that your company/environment does not already have a monitoring tool. Most corporate environment usually already have these (Nagios, HP OMI, Tivoli, etc etc).

EDIT:
@maniel that screenshot looks dope! I’ll have to take a gander at the stack you described.

macko003 · January 3, 2019, 10:40am

+1

You have to choose one what meet with your goals.
We use 6+ monitoring software, in 15+ centralized clusters, because every one has some advantage

Totally_Not_A_Robot · January 3, 2019, 10:43am

Dude, I already thought your Graylog setup was nuts. But this takes the cake

macko003 · January 3, 2019, 10:53am

How would you like monitor 20k+ devices?
We provide services for some million “customers”
Little company little needs, big company…

AhmedAdel · January 3, 2019, 11:00am

thanks for your reply,
i thought it could be done from inside the graylog itself.

macko003 · January 3, 2019, 11:02am

not really
I suggest to use a monitoring system, because if you also collect performance data, it can help to prevent, or analyze a bottleneck.

Totally_Not_A_Robot · January 3, 2019, 11:15am

Mind you, I did not mean “nuts” in a negative sense. In this case “nuts” meant “totally freakin’ awesome”

maniel · January 3, 2019, 11:19am

also you can monitor other things, for example I’m monitoring a few hosts life parameters (cpu, memory, I/O usage, temperatures etc.), docker and VPN statuses with my TIG stack;-)

konrad · January 7, 2019, 10:05am

It is quite hard to monitor your own system and react on that without generating new problems.
When your system is already under pressure, it cannot waste resources to inform you that is under pressure and with that generating a new set of problems.

system · January 21, 2019, 10:05am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Alerting Graylog Administration Notifications Graylog Central (peer support)	2	308	August 18, 2022
Email notifications about Graylog node's errors Documentation Campfire	6	566	June 21, 2023
System Notifications sending to email? Graylog Central (peer support)	2	627	February 13, 2018
Alert notification setup assistance Graylog Central (peer support)	3	315	October 29, 2020
Question regarding notifications Graylog Central (peer support) alert	2	519	February 18, 2022

How to send Email Notification when Graylog journal utilization is high?

Related topics