Elasticsearch Monitoring User Guide

General information


Elasticsearch monitoring is a Gateway configuration file that enables monitoring of Elasticsearch Cluster through the Toolkit plug-in.

Elasticsearch is a distributed, search and analytics engine that is capable of scaling horizontally, allowing to add more nodes to the cluster. This means that it can search and analyze large scale of data.

The elements that make Elasticsearch work are defined as follows:

  • Node is a running instance of Elasticsearch that is capable of knowing the location of the document.
  • Cluster consists of one or more nodes with the same cluster name that can share their data and load.

Track the following key areas when using Elasticsearch monitoring:

Key Area Description
Search performance Determine how the search function perform over time by monitoring the query operations, load or latency, field data cache and evictions.
Indexing performance Each shard in the index can be updated through flush and refresh process.

Shard is a container for data that can be either a primary or a replica shard. It is how the Elasticsearch distributes data in the clusters.

  • Index refresh - creates a new in-memory segment allowing the newly indexed documents searchable.
  • Index flush - new documents are added to the in-memory buffer, the segments are committed, and the transaction log is cleared.
Cluster health and node availability Monitors the current state of all clusters and nodes.
Resource utilisation Provides information on how the thread pool queues and rejection works in monitoring the bulk, index, merge, and operations.
System and network metrics Shows information about every node in the cluster, resource and memory usage, and active connections opened over time.

In this Elasticsearch monitoring template, you will see these metrics in your dataview:

  • Cluster health
  • Indexing performance
  • Search performance
  • Node and resource information
  • Thread pool

This guide discusses the steps to set up the Elasticsearch integration on a Gateway. Once the integration is set up, the samplers providing the dataviews become available to that Gateway.

To view the sample metrics and dataviews, see Elasticsearch Monitoring Technical Reference.

User requirements

This monitoring template is a Gateway configuration setup that can be included in the Gateway Setup Editor.

To use this template, your configuration must meet the following requirements:

  • A machine running the Netprobe must have access to the HTTP address and port published by the Elasticsearch.
  • An Active Console 2 that is connected to the Gateway.
  • Elasticsearch configuration files extracted to their Gateway set-up.


System Requirements

The following requirements must be met prior to the installation and setup of the template:

  • Template package: geneos-integration-elasticsearch-<version>.zip.
  • Managed entities utilising the samplers defined in the include/ElasticsearchMonitoring.xml.
  • Netprobe version 4.5 or higher.
  • Python 2.7 or 3.6 installation on the machine where the Netprobe resides.

Note: This template is verified to be working with Elasticsearch version 6.1.2.



This document is a reference guide to introduce templates and scripts built using the Geneos development toolkit plug-ins.

The template allows you to integrate specific applications and services to collect metrics without having to create a new plug-in.


Install and set up

Ensure that you have read and can follow the system requirements prior to installation and setup of this integration template.

  1. Download the config file (geneos-integration-elasticsearch-<version>.zip) from the ITRS Downloads site.
  2. Open Active Console 2.
  3. Extract the Elasticsearch monitoring configuration file into the Gateway Setup directory.
  4. Click Includes to create a new file in the Navigation panel.
  5. Enter the location of the file to include in the Location field. In this example, use the include/ElasticsearchMonitoring.xml:
  6. The priority controls the importance of a file when merging. Sections in a higher priority file will take precedence over sections in a lower priority file. This priority setting affects the priority of configuration in the main setup file.

  7. Expand the file location in the Includes section.
  8. Select Click to load...
  9. Click Yes to load the new Elasticsearch include file.
  10. Click Managed entities in the Navigation panel.
  11. Add the Elasticsearch type to the Managed Entity section that you will use to monitor Elasticsearch.
  12. Click the Validate button to check your configuration.

The Validate button allows you to check if there are any errors or warnings in your configuration set-up.

Once the Gateway configuration appears in the Includes section, you can add the samplers and other variables.


Set up the samplers

These are the pre-configured samplers available to use in ElasticsearchMonitoring.xml.

Configure the required fields by referring to the table below:


Set up the variables

The ElasticsearchMonitoring.xml template provides the following variables that are set in the Environments section:

Variable Description
Default: Elasticsearch-Monitoring
ELASTICSEARCHMON_HOST IP/Hostname of the Elasticsearch Node.
Default: localhost
ELASTICSEARCHMON_PORT Port assigned to the Elasticsearch HTTP service .
Default: 9200
ELASTICSEARCHMON_PYTHON_EXE Name of the executable script that calls the python code.

After checking and saving the changes, the samplers you have set in the Gateway configuration display in Active Console 2.

Set up the rules

The ElasticsearchMonitoring-SampleRules.xml template also provides a separate sample rules that you can use to configure the Gateway Setup Editor.

Your configuration rules must be set in the Includes section.

  1. Enter the location of the file to include in the Location field. In this example, use the include/ElasticsearchMonitoring-SampleRules.xml:
  2. Note: The priority controls the importance of a file when merging. Sections in a higher priority file will take precedence over sections in a lower priority file. This priority setting affects the priority of configuration in the main setup file.

  3. Expand the file location in the Includes section.
  4. Select Click to load...
  5. Click Yes to load the new Elasticsearch include rules file.
  6. Click Rules in the Navigation panel to create new rules.
Rules Sample Rules
Resource Elasticsearch-Diskspace
ClusterHealth Elasticsearch-ClusterStatus
Indexing Elasticsearch-IndexingLatency
Search Elasticsearch-QueryLatency

Once the Gateway for rules configuration appears in the SampleRules Includes section, you can set the rules and alerts.