
Elasticsearch

Supported Platforms

Platform | Metrics | Logs | Traces
Linux
Windows
macOS

Prerequisites

This receiver supports Elasticsearch versions 7.9+.

If Elasticsearch security features are enabled, the user the receiver authenticates as must have either the monitor or the manage cluster privilege. See the Elasticsearch docs for more information on authorization and security privileges.
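One way to meet this prerequisite with the narrower of the two privileges is a dedicated account whose role grants only monitor. The script below is an added example, not part of the Bindplane or Elasticsearch documentation; the role name, user name, environment variable names and the https URL are assumptions, and it relies only on the privilege requirement stated above.

```python
import base64
import json
import os
import urllib.request

ROLE = "bindplane_monitor"    # hypothetical role name
USER = "bindplane_collector"  # hypothetical user name
# Constructed sample of a _has_privileges response, used when no cluster is configured.
SAMPLE = {"username": USER, "has_all_requested": False,
          "cluster": {"monitor": True, "manage": False}}

def role_body():
    # 'monitor' alone: read-only cluster and node statistics, no index access,
    # and none of the settings changes that 'manage' would allow.
    return {"cluster": ["monitor"]}

def user_body(password):
    return {"password": password, "roles": [ROLE]}

def call(base_url, method, path, body, auth_user, auth_password):
    """Send one JSON request to the Elasticsearch security API using basic auth."""
    token = base64.b64encode(f"{auth_user}:{auth_password}".encode()).decode()
    req = urllib.request.Request(
        base_url.rstrip("/") + path, data=json.dumps(body).encode(), method=method,
        headers={"Content-Type": "application/json", "Authorization": f"Basic {token}"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)

def is_least_privilege(response):
    """True when the account holds 'monitor' but not the broader 'manage'."""
    cluster = response.get("cluster", {})
    return cluster.get("monitor") is True and cluster.get("manage") is False

def provision(base_url, admin_user, admin_password, collector_password):
    call(base_url, "PUT", f"/_security/role/{ROLE}", role_body(), admin_user, admin_password)
    call(base_url, "PUT", f"/_security/user/{USER}", user_body(collector_password),
         admin_user, admin_password)
    # Ask Elasticsearch, as the new user, which of the two privileges it really holds.
    return call(base_url, "POST", "/_security/user/_has_privileges",
                {"cluster": ["monitor", "manage"]}, USER, collector_password)

if __name__ == "__main__":
    if "ES_ADMIN_USER" in os.environ:  # environment variable names are assumptions
        result = provision(os.environ.get("ES_URL", "https://localhost:9200"),
                           os.environ["ES_ADMIN_USER"], os.environ["ES_ADMIN_PASSWORD"],
                           os.environ["ES_COLLECTOR_PASSWORD"])
    else:
        result = SAMPLE
    print("ok" if is_least_privilege(result) else "review the role: unexpected privileges")
```

The collector user and password created here are the values that go into the username and password parameters in the table below.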

Configuration Table

Parameter | Type | Default | Description
--- | --- | --- | ---
telemetry_types | telemetrySelector | ["Logs", "Metrics"] | Choose Telemetry Type.
hostname* | string | "localhost" | The hostname or IP address of the Elasticsearch API.
port | int | 9200 | The TCP port of the Elasticsearch API.
username | string | | Username used to authenticate.
password | string | | Password used to authenticate.
collection_interval | int | 60 | Sets how often (seconds) to scrape for metrics.
nodes | strings | _node | Filters that define which nodes are scraped for node-level metrics. Set to '_node' if the collector is installed on all nodes, or to '_all' if a single collector is scraping the entire cluster. See https://www.elastic.co/guide/en/elasticsearch/reference/7.9/cluster.html#cluster-nodes.
skip_cluster_metrics | bool | false | When enabled, cluster-level metrics are not collected.
json_log_paths | strings | "/var/log/elasticsearch/__server.json", "/var/log/elasticsearch/__deprecation.json", "/var/log/elasticsearch/__index_search_slowlog.json", "/var/log/elasticsearch/__index_indexing_slowlog.json", "/var/log/elasticsearch/*_audit.json" | File paths for the JSON formatted logs.
gc_log_paths | strings | "/var/log/elasticsearch/gc.log*" | File paths for the garbage collection logs.
start_at | enum | end | Start reading the file from the 'beginning' or 'end'.

*required field