If you have a NetEye with SIEM Module activated or own an Elasticsearch installation then you have surely activated the Elasticsearch Snapshots to make backups of all your indexes (or at least the important ones). However you have to take a regular look at your Snapshots Reports to check that everything is working correctly. I recently thought about using the Elasticsearch Snapshot API to automate this task and have a monitoring plugin check your Snapshot status.
To set this up, download this plugin: check_elasticsearch_snapshots.zip and define a command like this one:
/neteye/shared/monitoring/plugins/check_elasticsearch_snapshots.sh -r elastic-backup-repository
You can also look at the command help for more options:
# /neteye/shared/monitoring/plugins/check_elasticsearch_snapshots.sh --help check_elasticsearch_snapshots 1.0.0 This plugin checks for the status of elasticsearch snapshots Usage: check_elasticsearch_snapshots.sh -r <snapshot_repository_name> [ -s <snapshot_basename> ] [-d <number-days-back>] check_elasticsearch_snapshots.sh --help check_elasticsearch_snapshots.sh --version -r <snapshot_repository_name> ... name of elasticsearch snapshot backup repostiory -s <snapshot_basename> ... base name of snapshop to check for (default: ALL) -d <number-days-back> ... numbers of days back to look for status of snapshots (default: 3)
After that define your Service Template and Service, and you can begin monitoring your Elasticsearch Snapshots.
Did you like this article? Does it reflect your skills? We often get interesting questions straight from our customers who need customized solutions. In fact, we’re currently hiring for roles just like this and others here at Würth Phoenix.