Category: elasticstack
-
Powershell to ElasticSearch to find ElastAlert
I recently worked on an interesting project where I needed to use a powershell script to query ElasticSearch to find a document that was inserted via ElastAlert. The purpose of this exercise was to determine whether or not a service had been marked down recently, which would determine whether an operation ran that might take…
-
ELK + EA — Silencing ElastAlert Alerts
Many shops are realizing the benefit of the ELK stack / Elastic Stack, and the great flexibility that it brings to an infrastructure in the form of centralized logging and reporting which has always been critical when troubleshooting difficult and/or distributed problems. Having many input options (via elastic beats) to choose from, and lots of…