Monitor Elasticsearch clusters, nodes, and indexes, remotely or locally, via API.
Get started
Overview
Monitor your Elasticsearch clusters, nodes, and indexes, and use the Unified Analysis pages to analyze the health of Elasticsearch clusters and drill down into individual metrics.
Use cases
Monitor health and performance of your Elasticsearch cluster using built-in analysis pages and easy-to-navigate dashboards.
Benefit from root cause analysis of an Elasticsearch cluster, nodes, and index performance issues.
Enable alerts based on detected anomalies.
Look for analysis support for Ops, IT, and Network admins.
Requirements
The Elasticsearch extension uses the following Elasticsearch endpoints to scrape metrics:
/_cluster/health
/_all/_stats?level=shards
/_nodes/stats
/_alias
/_cat/shards
According to the Elasticsearch documentation, the user defined in the extension monitoring configuration requires the following permissions:
The Elasticsearch extension connects to the Elasticsearch cluster via API. The cluster must be reachable from the ActiveGate where the extension has been activated.
A OneAgent-instrumented host can run this extension too, so the Elasticsearch cluster can be monitored from OneAgent by pointing to the localhost network address. However, if you activate this extension on multiple hosts in the same cluster, you receive the same cluster data multiple times. For this reason, activate the extension only on one host in a cluster if you decide to run it locally.
The Elasticsearch extension supports Elasticsearch version 8.0 or higher.
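A preflight check for the requirements above, as an added example that is not part of the Dynatrace extension: run from the ActiveGate or OneAgent host, it requests each listed endpoint as the monitoring user and reports whether the cluster is reachable and whether the account is authenticated and authorized. HTTP Basic authentication, the verdict labels, and all function names are assumptions of this example.

```python
import base64
import urllib.error
import urllib.request

# The five endpoints the extension scrapes, copied from the list above.
ENDPOINTS = ["/_cluster/health", "/_all/_stats?level=shards",
             "/_nodes/stats", "/_alias", "/_cat/shards"]

# Verdict labels are this example's own (assumption), not Dynatrace output.
VERDICTS = {None: "unreachable", 200: "ok",
            401: "bad-credentials", 403: "missing-privilege"}


def probe(base_url, user, password, path, opener=urllib.request.urlopen):
    """GET one endpoint with HTTP Basic auth; return the status or None."""
    req = urllib.request.Request(base_url.rstrip("/") + path)
    token = base64.b64encode(f"{user}:{password}".encode()).decode()
    req.add_header("Authorization", "Basic " + token)
    try:
        # Certificate verification stays on: an untrusted certificate is
        # reported as "unreachable" rather than silently accepted.
        with opener(req, timeout=5) as resp:
            return resp.status
    except urllib.error.HTTPError as exc:
        return exc.code   # the cluster answered, but refused the request
    except OSError:
        return None       # URLError, timeout, DNS, routing or TLS failure


def classify(status):
    """Turn an HTTP status into a verdict an operator can act on."""
    return VERDICTS.get(status, f"unexpected-{status}")


def preflight(base_url, user, password, opener=urllib.request.urlopen):
    """Map every scraped endpoint to a verdict for the given account."""
    return {path: classify(probe(base_url, user, password, path, opener))
            for path in ENDPOINTS}


if __name__ == "__main__":
    import getpass
    import sys
    # Arguments: cluster URL and user name; the password is prompted for.
    results = preflight(sys.argv[1], sys.argv[2], getpass.getpass())
    for path, verdict in results.items():
        print(f"{verdict:18} {path}")
    sys.exit(0 if all(v == "ok" for v in results.values()) else 1)
```

A "missing-privilege" verdict on a single endpoint points at the role assigned to the monitoring user, while "unreachable" on all five points at the network path or the TLS trust store on the host running the check.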
Activation and setup
In Dynatrace, download the Elasticsearch extension, and then select Add monitoring configuration next to an extension version under the Versions list.
Select the host you want to monitor, and define the URL of the Elasticsearch instance and the credentials to connect to it.
Select the feature sets containing the metrics you want to import.
Details
The Elasticsearch extension is built on the new Extension 2.0 framework that utilizes a built-in Elasticsearch metric exporter. The Unified Analysis pages provide insight into the health and performance of your Elasticsearch clusters.
The Elasticsearch extension package contains:
Data source configuration for metric ingestion.
Topology and relationship definitions for Elasticsearch clusters and their nodes, indexes, disks, and thread pools.
Unified Analysis pages for every entity (accessible from the dashboard).
Overview dashboard.
Alerts for several key metrics:
Total CPU Util > 85%
Filesystem Usage > 80%
Open File Descriptors > 80% of Max File Descriptors
Heap Used > 85%
Rejected Threads > 300
FAQ
The formula for DDU consumption of the extension is as follows:
((12 * number of clusters)
+ (53 * number of nodes)
+ (47 * number of indexes)
+ ( 5 * number of disks)
+ ( 5 * number of thread pools)) * 525.6 DDUs/year
When activating your extension using monitoring configuration, you can limit monitoring to one of the feature sets. To work properly, the extension has to collect at least one metric after activation.
In highly segmented networks, feature sets can reflect the segments of your environment. Then, when you create a monitoring configuration, you can select a feature set and a corresponding ActiveGate group that can connect to this particular segment.
All metrics that aren't categorized into any feature set are considered to be the default and are always reported.
A metric inherits the feature set of a subgroup, which in turn inherits the feature set of a group. Also, the feature set defined on the metric level overrides the feature set defined on the subgroup level, which in turn overrides the feature set defined on the group level.