How can you derive value from data? One answer is to generate alerts based on the data. Alerts help your team stay on top of a variety of potential challenges – like application performance issues, security risks, disruptions to the CI/CD delivery chain and beyond.
ChaosSearch’s flexible alerting system makes it easy to generate alerts relevant to your organization’s needs. No matter where your data lives or which types of alerts you need to configure, ChaosSearch lets you do it – with a little help from Kibana along the way.
Here’s a look at how alerting works in ChaosSearch and what makes ChaosSearch alerting different from similar solutions.
At ChaosSearch, we love open source and open standards, so rather than building a proprietary alert engine from scratch, we integrated Kibana into ChaosSearch to drive alerts. Specifically, we use Kibana 7.10 from Amazon's Open Distro for Elasticsearch, and the alerting itself comes from Open Distro's Alerting plugin.
You can configure alerts via Kibana in ChaosSearch by navigating to Analytics > Alerts. Alert configurations are based on three primary factors; in the Open Distro alerting model these are the monitor (the query that runs on a schedule), its triggers (the conditions evaluated against the query results, each with a severity level from 1, the highest, to 5) and the actions (the destinations notified when a trigger fires).
Alongside open source tools like Kibana, we also love flexibility – which is why we designed ChaosSearch alerting to be as adaptable and customizable as possible. No matter which type (or types) of data you want to use to drive alerts, or where you want alerts to appear, it’s highly likely that ChaosSearch’s flexible alerting architecture will fit your needs.
ChaosSearch can monitor virtually any type of data source and generate alerts based on it. Some of the common examples of data sources we see our customers use for alerts include:
The list could go on. As long as your data is stored in a standard log format, JSON or CSV, ChaosSearch can search, analyze and fire alerts based on it.
ChaosSearch’s Kibana implementation also supports a wide range of alert destinations. From incident response platforms like PagerDuty and OpsGenie, to project management systems like Jira, to real-time collaboration tools like Slack and Microsoft Teams, and beyond, you can send alert data to a system of your choosing.
And, in the rare event that ChaosSearch doesn’t offer an integration with your favorite alert destination out-of-the-box, you can configure custom webhooks to send alerts to any RESTful API endpoint.
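A custom webhook destination is only as safe as the endpoint that receives it: anything on the network that can reach the URL can post fake alerts into your ticketing or paging system unless the receiver checks something. The handler below is an added example of the receiving side, not ChaosSearch or Open Distro code. It assumes the destination was configured to send a custom header named X-Alert-Token carrying a shared secret, and that the message template emits the JSON shape shown in SAMPLE_POST; the header name, the secret, the payload and the severity-to-priority mapping are all constructed for this example.

```python
"""Receiving side of a custom-webhook alert destination (added example)."""
import hmac
import json

# Shared secret the destination sends in X-Alert-Token. Constructed for the
# example; a real deployment would load a random value from a secret store.
DEMO_SECRET = "replace-me-with-a-random-value"

REQUIRED_FIELDS = ("monitor", "trigger", "severity")

# Open Distro numbers trigger severity 1 (highest) to 5; the priority labels
# on the right are an assumed convention for the downstream ticketing system.
PRIORITY = {"1": "P1", "2": "P2", "3": "P3", "4": "P4", "5": "P5"}

# Constructed sample body, as a message template might render it.
SAMPLE_POST = json.dumps({
    "monitor": "auth-log-monitor",
    "trigger": "failed-logins-over-threshold",
    "severity": 2,
    "message": "203.0.113.7 produced 5 failed logins in 60s",
}).encode("utf-8")


def handle_alert_post(headers, body, secret):
    """Validate one inbound alert POST.

    headers: dict of request headers (matched case-insensitively here)
    body:    raw request body bytes
    secret:  the shared secret the destination was configured to send
    Returns (http_status, ticket_or_error).
    """
    token = next((v for k, v in headers.items() if k.lower() == "x-alert-token"), "")
    # Constant-time comparison: a plain == would leak the secret byte by byte
    # through timing. compare_digest also returns False on length mismatch.
    if not hmac.compare_digest(token.encode("utf-8"), secret.encode("utf-8")):
        return 401, {"error": "bad or missing token"}
    if len(body) > 64 * 1024:
        return 413, {"error": "payload too large"}
    try:
        alert = json.loads(body.decode("utf-8"))
    except (UnicodeDecodeError, ValueError):
        return 400, {"error": "body is not valid JSON"}
    if not isinstance(alert, dict):
        return 400, {"error": "body must be a JSON object"}
    missing = [f for f in REQUIRED_FIELDS if f not in alert]
    if missing:
        return 400, {"error": "missing fields: " + ", ".join(missing)}
    # Normalise into the shape the downstream system wants; unknown severity
    # values fall through to the lowest priority rather than being rejected.
    ticket = {
        "title": "[{}] {}".format(alert["monitor"], alert["trigger"]),
        "priority": PRIORITY.get(str(alert["severity"]), "P5"),
        "source": "chaossearch-alerting",
        "details": str(alert.get("message", "")),
    }
    return 202, ticket


if __name__ == "__main__":
    print(handle_alert_post({"X-Alert-Token": DEMO_SECRET}, SAMPLE_POST, DEMO_SECRET))
    print(handle_alert_post({}, SAMPLE_POST, DEMO_SECRET))
```

Wire `handle_alert_post` into whatever HTTP framework you already run; the point is that the check happens before the body is parsed, and that a missing or wrong token is rejected with the same response so the endpoint does not confirm which header it expects. If the destination cannot send a custom header, an equivalent control is a random, unguessable path segment in the webhook URL.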
The flexibility of ChaosSearch alerting makes the platform’s alerting system well-suited to a variety of use cases.
IT teams can use ChaosSearch to monitor application and infrastructure logs, then generate alerts based on anomalies like high rates of application errors or slow transaction times.
DevOps teams can configure alerts in ChaosSearch to track CI/CD operations and generate DevOps analytics. That way, they’ll find out instantly and automatically when a build or deployment has failed, or when operations are taking longer than expected.
For security teams, ChaosSearch alerts can monitor application, authentication and firewall logs to detect risks like suspicious logins (for example, a burst of failed authentications from one source address followed by a success), malicious network activity and DDoS attacks.
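The kind of trigger condition a security team would put behind such an alert is easy to misjudge without seeing it run against real lines. The following is an added example, not ChaosSearch code: it parses sshd-style authentication log lines, keeps a sliding window of failures per source IP, raises a medium-severity alert when the window crosses a threshold, and a high-severity one when a successful login then arrives from the same source while the burst is still open. The log lines, the threshold of five failures in sixty seconds and the field names are all constructed for the example.

```python
"""Failed-login burst detection over sample auth log lines (added example)."""
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample auth log; addresses are from the documentation ranges.
SAMPLE_AUTH_LOG = """\
Mar  3 10:00:01 web1 sshd[2201]: Failed password for invalid user admin from 203.0.113.7 port 51122 ssh2
Mar  3 10:00:03 web1 sshd[2203]: Failed password for invalid user root from 203.0.113.7 port 51130 ssh2
Mar  3 10:00:04 web1 sshd[2205]: Failed password for invalid user test from 203.0.113.7 port 51142 ssh2
Mar  3 10:00:06 web1 sshd[2207]: Failed password for deploy from 203.0.113.7 port 51150 ssh2
Mar  3 10:00:09 web1 sshd[2209]: Failed password for deploy from 203.0.113.7 port 51161 ssh2
Mar  3 10:00:12 web1 sshd[2211]: Accepted password for deploy from 203.0.113.7 port 51170 ssh2
Mar  3 10:01:00 web1 sshd[2230]: Failed password for alice from 198.51.100.4 port 40010 ssh2
Mar  3 10:02:00 web1 sshd[2232]: Accepted publickey for alice from 198.51.100.4 port 40011 ssh2
Mar  3 10:03:00 web1 sshd[2240]: Failed password for bob from 192.0.2.9 port 33001 ssh2
Mar  3 10:30:00 web1 sshd[2290]: Failed password for bob from 192.0.2.9 port 33002 ssh2
"""

# Matches both "Failed password for [invalid user] X from IP" and
# "Accepted password|publickey for X from IP".
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"(?P<outcome>Failed|Accepted) \w+ for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\S+) port \d+"
)


def parse_line(line, year=2024):
    """Return a dict for a recognised auth line, else None.

    Syslog timestamps carry no year, so one is assumed for parsing.
    """
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime("{} {}".format(year, m["ts"]), "%Y %b %d %H:%M:%S")
    return {"ts": ts, "outcome": m["outcome"], "user": m["user"], "ip": m["ip"]}


def detect(log_text, threshold=5, window_s=60):
    """Run the two rules over the log and return the alerts in order."""
    failures = defaultdict(deque)  # ip -> timestamps of recent failures
    already_alerted = set()        # one medium alert per ip per burst
    alerts = []
    for line in log_text.splitlines():
        ev = parse_line(line)
        if ev is None:
            continue  # unrelated line (e.g. session opened); ignore
        q = failures[ev["ip"]]
        # Drop failures that fell out of the sliding window.
        while q and (ev["ts"] - q[0]).total_seconds() > window_s:
            q.popleft()
        if ev["outcome"] == "Failed":
            q.append(ev["ts"])
            if len(q) >= threshold and ev["ip"] not in already_alerted:
                already_alerted.add(ev["ip"])
                alerts.append({"severity": "medium", "rule": "auth_failure_burst",
                               "ip": ev["ip"], "failures": len(q),
                               "ts": ev["ts"].isoformat()})
        else:
            # A success while a burst is open is the signal that matters most:
            # the guessing may have worked.
            if len(q) >= threshold:
                alerts.append({"severity": "high", "rule": "success_after_failure_burst",
                               "ip": ev["ip"], "user": ev["user"],
                               "failures": len(q), "ts": ev["ts"].isoformat()})
            q.clear()
            already_alerted.discard(ev["ip"])
    return alerts


if __name__ == "__main__":
    for a in detect(SAMPLE_AUTH_LOG):
        print(a)
```

Two details matter when translating this into a scheduled monitor: the window is evaluated per source, not globally, so a slow distributed attempt (192.0.2.9 above, two failures half an hour apart) stays quiet, and the high-severity rule depends on ordering within the window, which a simple count-over-interval query does not give you on its own.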
Even less technical users, like product managers or customer success teams, can put ChaosSearch alerts to work to monitor data such as which features users engage with most often, or how product usage varies over time.
If you’re familiar with Elasticsearch, you may be wondering how ChaosSearch alerting compares to Watcher, the alerting feature that ships with Elastic’s X-Pack.
The answer is that they are similar. However, we think ChaosSearch alerts are better than Watcher, for a few reasons:
The bottom line is, no matter what data you need to monitor or which types of alerts you want to configure, ChaosSearch can do it all – and does so without requiring complex alert configurations or potential software licensing headaches.