HEX
Server: LiteSpeed
System: Linux kapuas.iixcp.rumahweb.net 5.14.0-427.42.1.el9_4.x86_64 #1 SMP PREEMPT_DYNAMIC Fri Nov 1 14:58:02 EDT 2024 x86_64
User: mirz4654 (1666)
PHP: 8.1.33
Disabled: system,exec,escapeshellarg,escapeshellcmd,passthru,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,popen,pclose,dl,pfsockopen,leak,apache_child_terminate,posix_kill,posix_mkfifo,posix_setsid,posix_setuid,posix_setpgid,ini_alter,show_source,define_syslog_variables,symlink,syslog,openlog,openlog,closelog,ocinumcols,listen,chgrp,apache_note,apache_setenv,debugger_on,debugger_off,ftp_exec,dll,ftp,myshellexec,socket_bind,mail,posix_getwpuid
$ pwd: /lib/netdata/conf.d/health.d/
Upload Files
File: //lib/netdata/conf.d/health.d/elasticsearch.conf
# you can disable an alarm notification by setting the 'to' line to: silent

# 'red' is a threshold, can't lookup the 'red' dimension - using simple pattern is a workaround.

 template: elasticsearch_cluster_health_status_red
       on: elasticsearch.cluster_health_status
    class: Errors
     type: SearchEngine
component: Elasticsearch
   lookup: average -5s unaligned of *ed
    every: 10s
    units: status
     crit: $this == 1
    delay: down 5m multiplier 1.5 max 1h
  summary: Elasticsearch cluster ${label:cluster_name} status
     info: Elasticsearch cluster ${label:cluster_name} health status is red.
       to: sysadmin

# the idea of '-10m' is to handle yellow status after node restart,
# (usually) no action is required because Elasticsearch will automatically restore the green status.
 template: elasticsearch_cluster_health_status_yellow
       on: elasticsearch.cluster_health_status
    class: Errors
     type: SearchEngine
component: Elasticsearch
   lookup: average -10m unaligned of yellow
    every: 1m
    units: status
     warn: $this == 1
    delay: down 5m multiplier 1.5 max 1h
  summary: Elasticsearch cluster ${label:cluster_name} status
     info: Elasticsearch cluster ${label:cluster_name} health status is yellow.
       to: sysadmin

 template: elasticsearch_node_index_health_red
       on: elasticsearch.node_index_health
    class: Errors
     type: SearchEngine
component: Elasticsearch
   lookup: average -5s unaligned of *ed
    every: 10s
    units: status
     warn: $this == 1
    delay: down 5m multiplier 1.5 max 1h
  summary: Elasticsearch cluster ${label:cluster_name} index ${label:index} status
     info: Elasticsearch cluster ${label:cluster_name} index ${label:index} health status is red.
       to: sysadmin

# don't convert 'lookup' value to seconds in 'calc' due to UI showing seconds as hh:mm:ss (0 as now).

 template: elasticsearch_node_indices_search_time_query
       on: elasticsearch.node_indices_search_time
    class: Workload
     type: SearchEngine
component: Elasticsearch
   lookup: average -10m unaligned of query
    every: 10s
    units: milliseconds
     warn: $this > (($status >= $WARNING)  ? (20 * 1000) : (30 * 1000))
    delay: down 5m multiplier 1.5 max 1h
  summary: Elasticsearch cluster ${label:cluster_name} node ${label:node_name} query performance
     info: Elasticsearch cluster ${label:cluster_name} node ${label:node_name} search performance is degraded, queries run slowly.
       to: sysadmin

 template: elasticsearch_node_indices_search_time_fetch
       on: elasticsearch.node_indices_search_time
    class: Workload
     type: SearchEngine
component: Elasticsearch
   lookup: average -10m unaligned of fetch
    every: 10s
    units: milliseconds
     warn: $this > (($status >= $WARNING)  ? (3 * 1000) : (5 * 1000))
     crit: $this > (($status == $CRITICAL) ? (5 * 1000) : (30 * 1000))
    delay: down 5m multiplier 1.5 max 1h
  summary: Elasticsearch cluster ${label:cluster_name} node ${label:node_name} fetch performance
     info: Elasticsearch cluster ${label:cluster_name} node ${label:node_name} search performance is degraded, fetches run slowly.
       to: sysadmin
@ Telegram