2 - 24/7 Service Guard for Elasticsearch
Harness 24/7 Service Guard monitors your live applications, catching problems that surface minutes or hours following deployment. For more information, see 24/7 Service Guard Overview.
You can add your Elasticsearch monitoring to Harness 24/7 Service Guard in your Harness Application Environment. For a setup overview, see Elasticsearch Connection Setup.
24/7 Service Guard Setup
To set up 24/7 Service Guard for Elasticsearch, do the following:
- Ensure that you have added ELK Elasticsearch as a Harness Verification Provider, as described in Verification Provider Setup.
- In your Harness Application, ensure that you have added a Service, as described in Services. For 24/7 Service Guard, you do not need to add an Artifact Source to the Service, or configure its settings. You simply need to create a Service and name it. It will represent your application for 24/7 Service Guard.
- In your Harness Application, click Environments.
- In Environments, ensure that you have added an Environment for the Service you added. For steps on adding an Environment, see Environments.
- Click the Environment for your running microservice. Typically, the Environment Type is Production.
- In the Environment page, locate 24/7 Service Guard.
- In 24/7 Service Guard, click Add Service Verification, and then click ELK. The ELK dialog appears.
- Fill out the dialog. The dialog has the following fields.
The name that will identify this service on the Continuous Verification dashboard. Use a name that indicates the environment and monitoring tool, such as ELK.
The Harness Service to monitor with 24/7 Service Guard.
Select the ELK Verification Provider to use.
Enter search keywords for your query, such as error or exception.
Do not use wildcards in queries with Elasticsearch. ElasticSearch documentation indicates that wildcard queries this can become very expensive and take down the cluster.
Select TERM to finds documents that contain the exact term specified in the inverted index. MATCH queries accept text, numerics, and dates, analyze them, and construct a query. If you want the query analyzed, then use MATCH.
Enter the the index to search. This field is automatically populated from the index templates, if available.
Enter the field by which the messages are usually indexed. Typically, a log field.
To find the field in Kibana and enter it in Harness, do the following:
Enter the timestamp field in the Elasticsearch record, such as @timestamp.
Enter the format for the timestamp field in the Elasticsearch record. Use Kibana to determine the format.
In Kibana, use the Filter feature in Discover to construct your timestamp range:
Timestamp: 2018-08-24T21:40:20.123Z. Format: yyyy-MM-dd'T'HH:mm:ss.SSSX
Timestamp: 2018-08-30T21:57:23+00:00. Format: yyyy-MM-dd'T'HH:mm:ss.SSSXXX
For more information, see Data Math from Elastic.
Enable 24/7 Service Guard
Click the checkbox to enable 24/7 Service Guard.
Select the baseline time unit for monitoring. For example, if you select For 4 hours, Harness will collect the logs for the last 4 hours as the baseline for comparisons with future logs. If you select Custom Range you can enter a Start Time and End Time.
When you are finished, the dialog will look something like this:
- Click Test. Harness verifies the settings you entered.
- Click Submit. The ELK 24/7 Service Guard is configured.
To see the running 24/7 Service Guard analysis, click Continuous Verification.
The 24/7 Service Guard dashboard displays the production verification results.
For more information, see 24/7 Service Guard Overview.