Posted On: Apr 8, 2019

Amazon Elasticsearch Service now provides built-in event monitoring and alerting, enabling you to monitor the data stored in your domain and automatically send notifications based on pre-configured thresholds. For example, if you are storing HTTP server logs in your Amazon Elasticsearch Service domain, you can now monitor the response codes and alert your team if there are too many errors, right from your domain. 

The alerting feature supports both a Kibana interface and REST APIs for configuring and managing alerts. With Kibana, you can use a simple visual editor or write custom Elasticsearch queries to configure monitors. Monitors support multiple trigger conditions, so you can query your data once and send different notifications based on the return values via custom webhooks, Slack, Amazon Simple Notification Service (SNS), and Amazon Chime. Amazon SNS also allows you to integrate alerts with Amazon Simple Queue Service (SQS), AWS Lambda, SMS, and email. Additionally, your alert history is automatically indexed, enabling you to easily track and visualize your alert history over time. 

Alerting is available on domains running Elasticsearch 6.2 and higher. You can upgrade existing 5.x and 6.x domains with no downtime using in-place version upgrades. To learn more, read the documentation

Alerting is a component of Open Distro for Elasticsearch, an Apache 2.0-licensed distribution of Elasticsearch. To learn more about Open Distro for Elasticsearch and joining the open source community, go to the website.

Amazon Elasticsearch Service Alerting is available across 16 regions globally: GovCloud, US East (N. Virginia, Ohio), US West (Oregon, N. California), Canada (Montreal), South America (Sao Paulo), EU (Ireland, London, Frankfurt, Paris), and Asia Pacific (Singapore, Sydney, Tokyo, Seoul, Mumbai). Please refer to the AWS Region Table for more information about Amazon Elasticsearch Service availability.