Elasticsearch Policies

Policy name Duration Conditions Category Description
Cluster Health Degraded to Red 15 min elasticsearch.cluster_health.status has a static threshold < 1 CRITICAL The cluster health status is red which means that one or more primary shard(s) and its replica(s) is missing.
Cluster Health Degraded to Yellow 15 min elasticsearch.cluster_health.status is between 1 and 1.8 WARNING The cluster health status is yellow which means that one or more shard replica(s) is missing.
Elevated JVM Heap Usage 15 min elasticsearch.jvm.mem.heap_used_percent has an upper baseline deviation WARNING This policy will generate a warning event when the Elastic Search JVM’s heap usage is above 80%.
Disk space is more than 75% used on data node netuitive.linux.diskspace.avg_byte_percentused has a static threshold >75 WARNING The average utilization across your Elastic Search data node storage devices are more than 75%.
Elevated Fetch Time 30 min netuitive.linux.elasticsearch.indices._all.search.fetch_avg_time_in_millis has an upper baseline deviation WARNING This policy generates a warning event if the elasticsearch.indices._all.search.fetch_time_in_millis metric deviates above the baseline for 15 minutes or more.
Elevated Flush Time 30 min netuitive.linux.elasticsearch.indices._all.flush.avg_time_in_millis has an upper baseline deviation WARNING This policy generates a warning event if the elasticsearch.indices._all.flush.total_time_in_millis metric deviates above the baseline for 15 minutes or more.
Elevated Indexing Time 30 min netuitive.linux.elasticsearch.indices._all.indexing.index_avg_time_in_millis has an upper baseline deviation WARNING This policy generates a warning event if the elasticsearch.indices._all.indexing.index_time_in_millis metric deviates above the baseline for 15 minutes or more.
Reject Count Greater Than Zero 5 min elasticsearch.thread_pool.*.rejected has a static threshold >0 WARNING “This policy generates a warning if any of the Elastic Search thread pools has a “rejected” count greater than 0.”