How to Monitor Elasticsearch Cluster Using eG Enterprise?

eG Enterprise monitors the Elasticsearch Single-node Cluster using an agent based or agentless approach. In case of the agentless approach, an eG agent used to monitor the cluster should be deployed on a remote Windows host in the environment. Regardless of the approach (agent-based or agentless), the eG agent makes RESTful API calls to connect to the cluster to pull metrics related to availability, health and search performance of the cluster. For this purpose, each test that the eG agent runs on the Elasticsearch cluster should be configured with the credentials of a user who has privileges to make RESTful API calls to the cluster.

By default, the eG agent will not require any authentication to collect metrics from the cluster. In some highly secured environments, to prevent unauthorized access to the Elasticsearch cluster, administrators secure the cluster using security plugins such as X-Pack, Shield, etc. In such environments, to collect metrics, you may have to configure the tests with the credentials of a user who has privileges to access the cluster via the security plugin.

Enabling JMX Support

To collect JVM related metrics from the Elasticsearch cluster, enable JMX support for the Elasticsearch. follow the steps discussed below;

  • Stop the Elasticsearch cluster.
  • Open the elasticsearch.in.sh file in the <ELASTIC-INSTALL-DIRECTORY>>/bin/ folder.

  • Search for the [JAVA_OPTS="$JAVA_OPTS -Xmx${ES_MAX_MEM}"] line in the elasticsearch.in.sh file. Then, add the following lines after the above-mentioned line:

    JAVA_OPTS="$JAVA_OPTS -Dcom.sun.management.jmxremote.ssl=false"
    JAVA_OPTS="$JAVA_OPTS -Dcom.sun.management.jmxremote.authenticate=false"
    JAVA_OPTS="$JAVA_OPTS -Dcom.sun.management.jmxremote.port=<<PORT NUMBER>>"
    JAVA_OPTS="$JAVA_OPTS -Djava.rmi.server.hostname=<<IP address>>"

    Here,

    <<PORT NUMBER>> denotes Any port number which you wish to listen

    <<IP address>> is the IP address of the host on which the Elasticsearch is running

    For example:

    JAVA_OPTS="$JAVA_OPTS -Dcom.sun.management.jmxremote.ssl=false"
    JAVA_OPTS="$JAVA_OPTS -Dcom.sun.management.jmxremote.authenticate=false"
    JAVA_OPTS="$JAVA_OPTS -Dcom.sun.management.jmxremote.port=4444"
    JAVA_OPTS="$JAVA_OPTS -Djava.rmi.server.hostname=192.168.9.90"

  • Save the <<Elastic-Install-Directory>>/bin/elasticsearch.in.sh file
  • Start the Elasticsearch server.
  • Ensure that JMX is listening by executing netstat -an | grep "LIST" command

Once the above-said pre-requisites are set in place, manage the Elasticsearch component to start monitoring the target cluster. The steps for managing the Elasticsearch component are explained in Managing Elasticsearch Cluster.