A Slack bot is a way to automate tasks using code or scripts.
Bots are used for a variety of purposes: internal communications, promoting content, automatic replies, analytics, notifying groups, forwarding messages to third parties, etc.
The basic idea of a bot is to trigger code or a script, which can then be used to manipulate data and take an action.
Most of us are familiar with chatbots. Slackbots are no different from chatbots except that these work only in Slack.
The use case we will be looking at in this article -
Kubernetes is the most popular container orchestrator currently available. It is already provided as a managed service by most cloud providers, such as Azure, AWS and GCP, which shows how widely Kubernetes has been adopted in a short time.
There are multiple aspects of monitoring a Kubernetes cluster and its services using ELK and Beats.
For example, Metricbeat can monitor resource metrics from nodes, pods and containers, and Filebeat can collect system and container logs. In this article, however, we are going to look specifically at how to monitor Kubernetes control plane services using Heartbeat.
The Kubernetes control plane is responsible for coordinating with each node in the cluster, assigning work through…
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes.
Argo CD is implemented as a Kubernetes controller which continuously monitors running applications and compares the current, live state against the desired target state (as specified in the Git repo). Argo CD reports and visualizes the differences, while providing facilities to automatically or manually sync the live state back to the desired target state. Any modifications made to the desired target state in the Git repo can be automatically applied and reflected in the specified target environments.
For more details, refer to https://argoproj.github.io/argo-cd/
In this article, we will see…
Alerting lets you take action based on changes in your data. In the ELK stack, we can create alerts using Watcher. In our previous post, we discussed all aspects of alerting in ELK.
We saw how we can use different alert channels such as email, Slack and webhooks, and set them as actions in Watcher.
This way we get alerts whenever a service is down or a metric has reached a certain threshold.
For instance, we are using a webhook action to create tickets in JIRA or any other ticketing platform for tracking. Once the alert is cleared in Watcher, we would also want the corresponding…
TechManyu is an online publication of technology posts, tutorials, and stories, from contributors all over the world.
We have been live since Feb 2015 and are growing consistently in content and viewer base. The purpose is to help you reach a wider audience, share your knowledge and contribute back to the community.
We are just getting started!
TechManyu is an online publication on Medium.com, so to publish an article with us you must have a Medium account.
Click on the “Sign Up” button in the upper right corner if you want to create an account on Medium.
Alerting lets you take action based on changes in your data. It is designed around the principle that, if you can query something in Elasticsearch, you can alert on it. Simply define a query, condition, schedule, the actions to take, and Alerting will do the rest.
Until Elasticsearch v7.6, Watcher was the only way to set up alerting in ELK. Starting with v7.7, Alerting is integrated with APM, Metrics, SIEM and Uptime, can be centrally managed from the Management UI, and provides a set of built-in actions and alerts for you to use. We will go through both options.
ELK (Elastic, Logstash and Kibana) is one of the most widely used logging and monitoring solutions today, primarily because it is open source and because of the range of features it provides, the latest being Elastic APM (Application Performance Monitoring).
For any product that you set up and use in a landscape, performance decides its fate. If you are investing in or using a logging and monitoring solution that is slow or unstable, it won’t last. That’s why performance benchmarking is imperative: it tells you whether your solution is set up properly with optimal configurations, and the results should reflect that.
Watcher is an Elasticsearch feature that you can use to create actions based on conditions, which are periodically evaluated using queries on your data. Watches are helpful for analyzing mission-critical and business-critical streaming data. For example, you might watch application logs for performance outages or audit access logs for security threats.
Watcher is provided as part of the X-Pack license. Details on X-Pack settings to enable Watcher -
For details on Watcher and how to get started with creating alerts -
Now, coming back to the problem statement: how do we configure Watcher alerts for multiple Slack channels?
Consider there are 2 slack…
The most common entities that need to be secured in microservices-based applications are -
Cloud and DevOps Professional with keen interest in System Design & Architecture. SRE | MultiCloud | Kubernetes (CKA) | Microservices | Automation | Ops