{%- if pillar.elasticsearch.server is defined or pillar.elasticsearch.client is defined %} {%- from "elasticsearch/map.jinja" import server, client with context %} server: alert: {%- if client.get('enabled', False) %} {%- raw %} ElasticsearchClusterHealthStatusYellow: if: >- elasticsearch_cluster_health_status == 2 labels: severity: warning service: elasticsearch annotations: summary: Elasticsearch cluster status is YELLOW description: >- The Elasticsearch cluster status is YELLOW for the last 5 minutes. ElasticsearchClusterHealthStatusRed: if: >- elasticsearch_cluster_health_status == 3 labels: severity: critical service: elasticsearch annotations: summary: 'Elasticsearch cluster status is RED' description: >- The Elasticsearch cluster status is RED for the last 5 minutes. {%- endraw %} {%- endif %} {%- if server.get('enabled', False) %} {%- raw %} ElasticsearchDown: if: >- elasticsearch_up{host=~'.*'} != 1 labels: severity: warning service: elasticsearch annotations: summary: 'Elasticsearch service down' description: 'Elasticsearch service is down on node {{ $labels.host }}' ElasticsearchClusterDiskLowWaterMark: if: >- (max(elasticsearch_fs_total_total_in_bytes) by (host, instance) - max(elasticsearch_fs_total_available_in_bytes) by (host, instance)) / max(elasticsearch_fs_total_total_in_bytes) by (host, instance) * 100.0 >= 85 for: 5m labels: severity: warning service: elasticsearch annotations: summary: 'Elasticsearch low disk watermark [85%] exceeded on node {{ $labels.host}} instance {{ $labels.instance }}' description: >- Elasticsearch will not allocate new shards to node {{ $labels.host }} ElasticsearchClusterDiskHighWaterMark: if: >- (max(elasticsearch_fs_total_total_in_bytes) by (host, instance) - max(elasticsearch_fs_total_available_in_bytes) by (host, instance)) / max(elasticsearch_fs_total_total_in_bytes) by (host, instance) * 100.0 >= 90 for: 5m annotations: summary: 'Elasticsearch high disk watermark [90%] exceeded on node {{ $labels.host}} instance {{ $labels.instance }}' description: >- Elasticsearch will not allocate new shards to node {{ $labels.host }} and will attempt to relocate shards to another node labels: severity: critical service: elasticsearch {%- endraw %} {%- endif %} {%- endif %}