Logstash handler for every check resault

Hello,

We are using the logstash handler to write the check results into our ELK cluster. Unfortunately it just writes the stat changes (e.g. OK -> critical). What we want is every check result into logstash even when the status keeps being “OK”.

Here the config:

“logstash”: {

“command”: “/etc/sensu/handlers/logstash.rb”,

“severities”: [

“ok”,

“warning”,

“critical”,

“unknown”

],

“type”: “pipe”

}

That happens by design only metric events are handled every time. Our solution is using filebeat to collect all server and client logs and send them to logstash. They can be parsed easily and you get check results even if the server is unreachable or something like that.