ELK (Elasticsearch, Logstash, Kibana) specialist with prior experience with Sentinl

We require a ELK (Elasticsearch, Logstash, Kibana) specialist with prior experience with Sentinl to create a watcher to monitor a log index for results of a specific Lucene search phrase and to raise an alarm (for email and Slack) when the number of results increases by more than X% between two periods.

e.g. assuming the current time is 10:00:00AM

Index: system-x
Lucene query: LoggerName:NetworkLogger AND Level:ERROR
Period: Between 10:00:00AM and 09:55:00AM
Interval: 1 minute
Threshold: 10%

In the example above, Sentinl should run the Lucene query every minute, and raise an alarm if the number of results returned from for the current period (between now-5m and now) is greater than 10% more than the previous period (between now-6m and now-1m)

If consultant wishes to propose alternative ways of achieving the same but still with ELK and Sentinl, we are receptive to their ideas.


Additional Information
----------------------------
Our installation:

We are running ELK v6.3.1 and require assistance with the configuration of the Sentinl alerting service. ELK and SentiNL are already installed and the log server will be accessible remotely for the chosen consultant.

SENTINL extends Siren Investigate and Kibana with Alerting and Reporting functionality to monitor, notify and report on data series changes using standard queries, programmable validators and a variety of configurable actions.
About the recuiter
Member since Mar 14, 2020
Virendra Pandey
from Aquitaine, France

---

---

Offer to work on this project closes in 204 days!
Are you interested in this Opportunity?

Looking for help? Checkout our video tutorial
How to search and apply for jobs

How to apply? Do you have more questions about the Job?
See frequently asked questions