In the previous article, “Uptime Monitoring with Heartbeat,” I described using Uptime to monitor the health of a web site. In many subsequent articles I’ve also shown how to use Elastic Alerts to send an alert. If you’d like to learn more, see the article “Elastic: Creating an Elastic Mail Alert – release 7.7.” In today’s tutorial, I’ll link these two use cases together. Use the Heartbeat provided by Elastic Stack to monitor the performance of a website. When the site goes down, it automatically sends an alert to Slack.

 

The installation

Elasticsearch

See my previous article “How to Install Elasticsearch on Linux, MacOS, and Windows” to install Elasticsearch. We can run it on this machine without modifying any configuration files.

Kibana

We can refer to my previous article “How to Install Kibana in an Elastic stack on Linux, MacOS, and Windows” for our installation.

To monitor the site, we must use the Start A 30-day trial authorization to send notifications to Slack:

 

Example website

We can find any website we like and spy on it. For convenience, we use the simplest nodejs site:

git clone https://github.com/liu-xiao-guo/samplenodejs
Copy the code

We use the above command to download and run it with the following command:

cd samplenodejs
npm install
npm start
Copy the code

And if that works, we can go to the browser and say localhost:3000 address:

If we can see the output above, our NodeJS site is up and running successfully. Next, we’ll use Heartbeat to monitor the health of the site.

Creating a Slack Account

We first need to create our own Slack account with administrator privileges:

See the link to “Configuring Slack Accounts” to configure your own Slack accounts and generate a corresponding Webhook URL. This URL will be used in Elasticsearch.

Above we can search for webhook:

Click Add above:

Click Add to Slack:

Select a favorite channel:

Click Add Incoming Webhooks Integration:

Let’s write down the webhook URL created above for the following configuration.

Heartbeat

Run our Elasticsearch and Kibana. Open the Kibana interface:

Click the Configure Heartbeat link above:

Depending on the platform of your computer, we choose the appropriate instructions to install Heartbeat and configure it accordingly. If you want to learn more, see my previous article “Uptime Monitoring with Heartbeat.”

According to my situation, I choose MacOS to proceed:

Curl - L - O https://artifacts.elastic.co/downloads/beats/heartbeat/heartbeat-7.7.0-darwin-x86_64.tar.gz tar XZVF Heartbeat - 7.7.0 - Darwin - x86_64. Tar. Gz CD heartbeat - 7.7.0 - Darwin - x86_64 /Copy the code

In the heartbeat directory we can see the following files:

$PWD/Users/liuxg/elastic7 / heartbeat - 7.7.0 - Darwin - x86_64 liuxg: heartbeat - 7.7.0 - Darwin - x86_64 liuxg $ls LICENSE. TXT fields.yml heartbeat.yml NOTICE.txt heartbeat kibana README.md heartbeat.reference.yml monitors.dCopy the code

Above, we can see the heartbeat.yml file. This is our configuration file. We then need to configure Heartbeat accordingly:

output.elasticsearch:
  hosts: ["<es_url>"]
  username: "elastic"
  password: "<password>"
setup.kibana:
  host: "<kibana_url>"
Copy the code

Above we configure Elasticsearch and Kibana. We wrote the addresses of Elasticsearch and Kibana to the heartbeat.yml configuration file. If you have security enabled, you need to enter usENAME and password.

We start with the following:

heartbeat.config.monitors:
  # Directory + glob pattern to search for configuration files
  path: ${path.config}/monitors.d/*.yml
  # If enabled, heartbeat will periodically check the config.monitors path for changes
  reload.enabled: false
  # How often to check for changes
  reload.period: 5s
Copy the code

Above, we can see path: ${path.config}/monitors. D /*.yml, which means that all yML files in monitors. We put the following parts:

heartbeat.monitors:
- type: http

  # List or urls to query
  urls: ["http://localhost:9200"]

  # Configure task schedule
  schedule: '@every 10s'

  # Total test connection and data exchange timeout
  #timeout: 16s
Copy the code

Comment because we want to move the monitored parts to the monitors. D subdirectory. So this part becomes:

heartbeat.monitors:
#- type: http

  # List or urls to query
  #urls: ["http://localhost:9200"]

  # Configure task schedule
  #schedule: '@every 10s'

  # Total test connection and data exchange timeout
  #timeout: 16s
Copy the code

Let’s save the heartbeat.yml file. Then, we go to the controlls.d file directory:

$CD monitors. D/liuxg: monitors. D liuxg $PWD/Users/liuxg elastic7 / heartbeat - 7.7.0 - Darwin - x86_64 / monitors. D liuxg:monitors.d liuxg$ ls sample.http.yml.disabled sample.icmp.yml.disabled sample.tcp.yml.disabledCopy the code

We see that the yML files in the above examples are disabled. Let’s copy the sample.http.disabled file as uptime.http.yml:

cp sample.http.yml.disabled uptime.http.yml
Copy the code

We then use our favorite editor to edit the file:

uptime.http.yml

# These files contain a list of monitor configurations identical # to the heartbeat.monitors section in heartbeat.yml # The .example extension on this file must be removed for it to # be loaded. - type: http # monitor type `http`. Connect via HTTP an optionally verify response # Monitor name used for job name and document  type #name: http # Enable/Disable monitor #enabled: true # Configure task schedule schedule: '@every 10s' # every 5 seconds from start of beat # Configure URLs to ping hosts: ["http://localhost:3000"] # Configure IP protocol types to ping on if hostnames are configured. # Ping all resolvable IPs if `mode` is `all`, or only one IP if `mode` is `any`. ipv4: true ipv6: true mode: any # Optional HTTP proxy url. #proxy_url: '' # Total test connection and data exchange timeout #timeout: 16s # Optional Authentication Credentials #username: '' #password: '' # TLS/SSL connection settings for use with HTTPS endpoint. If not configured # system defaults will be used. #ssl: # Certificate Authorities #certificate_authorities: [''] # Required TLS protocols #supported_protocols: ["TLSv1.0", "TLSv1.1", "TLSv1.2"] # Request Settings: # Configure HTTP method to use. Only 'HEAD', 'GET' and 'POST' methods are allowed. method: "GET" # Dictionary of additional HTTP headers to send: #headers: # Optional request body content #body: # Expected response settings check.response: # Expected status code. If not configured or set to 0 any status code not # being 404 is accepted. status: 200 # Required response headers. #headers: # Required response contents. #body: # Parses the body as JSON, then checks against the given condition expression #json: #- description: Explanation of what the check does # condition: # equals: # myField: expectedValue # The tags of the monitors are included in their own field with each # transaction published. Tags make it  easy to group servers by different # logical properties. #tags: ["service-X", "web-tier"] # Optional fields that you can specify to add additional information to the # monitor output. Fields can be scalar values, arrays, dictionaries, or any nested # combination of these. #fields: # env: staging # If this option is set to true, the custom fields are stored as top-level # fields in the output document instead of being grouped under a fields # sub-dictionary. Default is false. #fields_under_root: falseCopy the code

Above, we use HTTP GET to check whether the response code returned is 200 as a criterion. If the value is 200, the website is running properly. You can retrieve the response code using the following curl command:

$curl -i localhost: 200 HTTP/1.1 200 OK X-POWERed-By: Express content-type: text/ HTML; $curl -i localhost: 200 HTTP/1.1 200 OK X-powered-By: Express content-type: text/ HTML; charset=utf-8 Content-Length: 170 ETag: W/"aa-z+ebXSEdArbZ+EXlN/WQjf6HV8c" Date: Sun, 24 May 2020 12:33:55 GMT Connection: keep-aliveCopy the code

We can check if our configuration is successful using the following command:

./heartbeat test config -e
Copy the code

Following the command in Kibana, I need to execute the following command in the heartbeat installation directory:

./heartbeat setup
./heartbeat -e
Copy the code

$ ./heartbeat setup
Overwriting ILM policy is disabled. Set `setup.ilm.overwrite:true` for enabling.

Index setup finished.
Copy the code

Next we run heartbeat:

./heartbeat -e
Copy the code

We opened Kibana:

This shows our website localhost:3000 in action. So far the display is working. There’s nothing wrong with it. In the SamplenodJS console we can see the following output:

If we stop running the Samplenodejs application at this point, I can see:

It obviously shows how the site works. The current state of the website is Down, indicating that our website has been suspended. In the following exercises, we’ll use the functionality available in Elastic 7.7 for alert notifications. Let’s re-run our NodeJS site for the following test.

 

Send Slack Alerts

In this section, we’ll show you how to send an alert using the alert functionality provided by Elastic. Open Kibaba:

Click on the Create alert:

Click on the Slack:

Click Create a Connector:

Click the Save button above:

Click the Save button above:

So we created our Uptime Alert. We can check in Alerts and Actions:

It shows that our nodejs_monitor has been created. Next, let’s do the test. Let’s close the SamplenodeJS application. Then, we can also see it in Uptime in Kibanan:

At this point, we can see the following message in Slack:

It shows that our Uptime application has sent a message that the website has died. That means our alarm was successful. We’ll see more in a moment:

This is because it keeps sending this notification if there are five or more Down messages in the past 15 minutes. If at this point, we can get the NodeJS application running again. We won’t be able to see this notification for a while.

We showed you how to use heartbeat to monitor the performance of one site. If we want to monitor the performance of more sites, we can modify the uptime.http.yml file:

As shown above, hosts above is a number. We can add more web sites to this array, allowing us to monitor as many as several web sites.