Re: Alert notification with percolator

2015-04-06 Thread Lincoln Xiong 
Yeah I have done something with that. For now there is a .percolator in my 
index mapping. But I failed to get further interact with that, which I 
mean, according to the docs, percolator should be an "index"? But I cannot 
find any additional index on my node after I set a percolator query...And 
also, there is a count API I can use to check how many events hits by the 
percolator query, I also cannot make that work...

Can anyone give me an example of how you setup the percolator as an alert 
or similar?

So here is what my percolator looks like when I get the mapping of the 
index

".percolator" : {
  "_id" : {
"index" : "not_analyzed"
  },
  "properties" : {
"query" : {
   "enabled" : false,
  "type" : "object"
}
  }
}




On Thursday, April 2, 2015 at 5:13:39 PM UTC-4, Roger de Cordova Farias 
wrote:
>
> I have never used percolator, but afaik you have to call the percolator 
> api after you have the document indexed:
>
>
> http://www.elastic.co/guide/en/elasticsearch/reference/current/search-percolate.html#_percolating_an_existing_document
>
> 2015-04-02 15:25 GMT-03:00 Lincoln Xiong  >:
>
>> I try to use elasticsearch as a 2nd log output storage, to analyze some 
>> info in logs. In this case, an alert triggers will be very useful. I read 
>> through docs talking about percolator and I think this should be the way to 
>> make it out.But after some trying, I found that I don't really get how 
>> percolator works. It seems that I use REST API to index a document with a 
>> percolator already set up, it will return if that document match the 
>> percolator query or not. For my case, I use Logstash as input which of 
>> course don't have this kind of feedback. And a "count" appears to be 
>> accessible from REST that I can use to get this kind "feedback" from 
>> percolator but I find it no where.
>>
>> Could some one give me an idea about how I can achieve this kind of 
>> feature with Elasticsearch? 
>>
>> I know I can have ways to trigger an alert in Logstash but for my case 
>> Logstash is a temporary tool to input the data, I could possible not use it 
>> in the future. 
>> I also notice that Graylog has kind of alert. When the input event match 
>> some keywords, the alarm will trigger. I guess it also use some percolator 
>> APIs but I wish to know how can I do this alone with Elasticsearch only.
>>
>> Thanks a lot.
>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "elasticsearch" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to elasticsearc...@googlegroups.com .
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/elasticsearch/cf5da9d8-7000-4a0b-94af-3ce064feee90%40googlegroups.com
>>  
>> 
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/e915015b-8438-4ad4-99ca-6eaa66033581%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Alert notification with percolator

2015-04-02 Thread Roger de Cordova Farias 
I have never used percolator, but afaik you have to call the percolator api
after you have the document indexed:

http://www.elastic.co/guide/en/elasticsearch/reference/current/search-percolate.html#_percolating_an_existing_document

2015-04-02 15:25 GMT-03:00 Lincoln Xiong :

> I try to use elasticsearch as a 2nd log output storage, to analyze some
> info in logs. In this case, an alert triggers will be very useful. I read
> through docs talking about percolator and I think this should be the way to
> make it out.But after some trying, I found that I don't really get how
> percolator works. It seems that I use REST API to index a document with a
> percolator already set up, it will return if that document match the
> percolator query or not. For my case, I use Logstash as input which of
> course don't have this kind of feedback. And a "count" appears to be
> accessible from REST that I can use to get this kind "feedback" from
> percolator but I find it no where.
>
> Could some one give me an idea about how I can achieve this kind of
> feature with Elasticsearch?
>
> I know I can have ways to trigger an alert in Logstash but for my case
> Logstash is a temporary tool to input the data, I could possible not use it
> in the future.
> I also notice that Graylog has kind of alert. When the input event match
> some keywords, the alarm will trigger. I guess it also use some percolator
> APIs but I wish to know how can I do this alone with Elasticsearch only.
>
> Thanks a lot.
>
> --
> You received this message because you are subscribed to the Google Groups
> "elasticsearch" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to elasticsearch+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/elasticsearch/cf5da9d8-7000-4a0b-94af-3ce064feee90%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/CAJp2530%2BAkecJAbVnQ3E8X1_iWNqzAK%3DmbDkHgECAomZgnfdrg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Alert notification with percolator

2015-04-02 Thread Lincoln Xiong 
I try to use elasticsearch as a 2nd log output storage, to analyze some 
info in logs. In this case, an alert triggers will be very useful. I read 
through docs talking about percolator and I think this should be the way to 
make it out.But after some trying, I found that I don't really get how 
percolator works. It seems that I use REST API to index a document with a 
percolator already set up, it will return if that document match the 
percolator query or not. For my case, I use Logstash as input which of 
course don't have this kind of feedback. And a "count" appears to be 
accessible from REST that I can use to get this kind "feedback" from 
percolator but I find it no where.

Could some one give me an idea about how I can achieve this kind of feature 
with Elasticsearch? 

I know I can have ways to trigger an alert in Logstash but for my case 
Logstash is a temporary tool to input the data, I could possible not use it 
in the future. 
I also notice that Graylog has kind of alert. When the input event match 
some keywords, the alarm will trigger. I guess it also use some percolator 
APIs but I wish to know how can I do this alone with Elasticsearch only.

Thanks a lot.

-- 
You received this message because you are subscribed to the Google Groups 
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/cf5da9d8-7000-4a0b-94af-3ce064feee90%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.