- 01 May 2023
- 1 Minute to read
- DarkLight
Elasticsearch
- Updated on 01 May 2023
- 1 Minute to read
- DarkLight
Elasticsearch is a distributed, free, open search and analytics engine for all types of data, including textual, numerical, geospatial, structured, and unstructured. Known for its REST APIs, distributed nature, speed, and scalability, Elasticsearch is a central component of the Elastic Stack, a set of free and open tools for data ingestion, enrichment, storage, analysis, and visualization.
Create an Elasticsearch trigger integration in Torq
Perform the following steps in Torq.
- Go to Integrations > Triggers, search for the Elasticsearch card, and click Add.
- Give the integration a meaningful name.
- Copy the authentication header secret and save it. You'll need it to create a Torq connector in Kibana.
- Click Add.
- Copy the integration endpoint to use in Kibana.
Create a Torq connector in Kibana
Perform the following steps in Kibana.
- Go to Stack Management > Connectors.
- Select Create connector.
- Locate and select the Torq connector.
- Configure the Torq connector:
- Give the connector a meaningful name.
- Provide the secret you copied in the previous section as the Torq integration token.
- Provide the integration endpoint you copied in the last section as the Torq endpoint URL.
- Click Save & test.
- In the Create an action section, enter a valid JSON for the connector to send to Torq.
- In the Run and test section, click Run.
- Check the Last Event column on the Elasticsearch integrations page to verify that the integration you created got an event.
Use Elasticsearch to trigger a workflow in Torq
- Use the Torq connector as an action in Elasticsearch rules.
- Modify the action body according to your needs.
- Create a workflow in Torq and set the Elasticsearch integration you created as the trigger.
- When the rule criteria are met, the action body will be sent to Torq, and the workflow you created will be triggered.
Available steps
These are the public steps for Elastic. Don't see the step you need? No problem; you can easily create a custom step.
- Get a list of pending tasks
- Get hot threads
- Get information about nodes
- Get information for a cluster
- Get stats for a cluster
- Get stats for all nodes
- Get the health of a cluster