Automated Elasticsearch Alerting and Azure DevOps Task Creation
This workflow automates the process of monitoring Elasticsearch for specific conditions or alerts. If an alert threshold is met, it automatically creates a new task or work item in Azure DevOps, streamlining incident response and task management.
About This Workflow
Proactively manage your systems with this powerful n8n workflow. Designed for DevOps teams and system administrators, it establishes a robust automated monitoring system. The workflow periodically queries your Elasticsearch cluster for critical events, errors, or anomalies. When a predefined alert condition is detected, it instantly creates a corresponding task in Azure DevOps, complete with relevant details. This eliminates manual checks, accelerates incident response, ensures no critical alerts are missed, and helps maintain a high level of operational efficiency and reliability for your applications and infrastructure.
Key Features
- Scheduled Monitoring: Automatically runs at a predefined schedule (e.g., daily at 12:15 PM) to continuously check for alerts.
- Elasticsearch Integration: Connects directly to your Elasticsearch cluster to query for specific data patterns, errors, or thresholds.
- Conditional Alerting: Intelligently evaluates query results to determine if an alert condition is met (e.g., if the number of errors exceeds a certain count).
- Automated Azure DevOps Task Creation: Upon detecting an alert, it creates a new work item (e.g., a Task) in a specified Azure DevOps project, ready for your team to address.
- Configurable Parameters: Easily customize the Elasticsearch query, alert conditions, and Azure DevOps task details (URL, authentication, content type).
How To Use
- Cron Trigger: Set your desired schedule for when the workflow should check for alerts. In the `triggerTimes` field, configure the hour and minute (e.g., 12:15 for 12:15 PM daily).
- Elasticsearch Query: Configure this node to connect to your Elasticsearch cluster. Provide your Elasticsearch credentials and specify the query body (e.g., `_search` API call) to search for the specific events or conditions you want to monitor.
- Check for Alerts: Update the `conditions` in this If node. The `value1` field uses an expression `={{$json["hits"]["total"]["value"]}}` to get the total number of hits from your Elasticsearch query. Modify the `operation` and potentially add a `value2` if you want to compare against a specific threshold (e.g., `greater` than `0` to check if any hits exist, or `greaterOrEqual` to `10` if you're looking for a count threshold).
- Create Work Item (True Branch): If the "Check for Alerts" condition is true, this node will execute. Update the `url` field to point to your specific Azure DevOps organization and project URL for creating work items (e.g., `https://dev.azure.com/<organization>/<project>/_apis/wit/workitems/$Task?api-version=7.1-preview.3`). Configure the `authentication` method (e.g., Basic Auth with a Personal Access Token). In the `Body Parameters` (not shown in snippet but typically needed for `httpRequest` to define task details), specify the JSON payload for the Azure DevOps task, including fields like title, description, and assigned user.
- No Operation, do nothing (False Branch): This node handles the case where no alerts are found. No configuration is typically needed here.
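The check and the work-item request from the steps above, written as plain Node.js; this is an added example, not part of the workflow's own JSON. The organization, project, threshold, `AZDO_PAT` environment variable and sample response are constructed assumptions. It also covers details the steps leave out: `hits.total` can be a bare integer or a lower bound, Azure DevOps expects a JSON Patch body, and log text placed in the HTML description field must be escaped.

```javascript
// Added example: the If-node check and the work-item request in Node.js.
// Org, project, threshold and the sample response are constructed placeholders.

// hits.total is {value, relation} in Elasticsearch 7+, but a bare integer
// in older versions or when rest_total_hits_as_int=true is set.
function hitCount(res) {
  const total = res?.hits?.total;
  if (typeof total === 'number') return { value: total, exact: true };
  if (total && typeof total.value === 'number') {
    return { value: total.value, exact: total.relation === 'eq' };
  }
  throw new Error('search response has no hits.total');
}

// Log fields are untrusted input; System.Description is rendered as HTML.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

function buildWorkItemRequest(res, { org, project, pat, threshold }) {
  const { value, exact } = hitCount(res);
  if (value < threshold) return null; // False branch: no work item
  const first = res.hits.hits?.[0]?._source?.message ?? '(no sample event)';
  const count = `${exact ? '' : 'at least '}${value}`;
  return {
    method: 'POST',
    url: `https://dev.azure.com/${encodeURIComponent(org)}/${encodeURIComponent(project)}`
      + '/_apis/wit/workitems/$Task?api-version=7.1-preview.3',
    headers: {
      'Content-Type': 'application/json-patch+json', // JSON Patch, not plain JSON
      Authorization: 'Basic ' + Buffer.from(':' + pat).toString('base64'),
    },
    body: JSON.stringify([
      { op: 'add', path: '/fields/System.Title', value: `Elasticsearch alert: ${count} matching events` },
      { op: 'add', path: '/fields/System.Description', value: `<p>First match: ${escapeHtml(first)}</p>` },
    ]),
  };
}

// Constructed sample _search response (relation "gte" means a lower bound)
const sample = {
  hits: { total: { value: 10000, relation: 'gte' },
    hits: [{ _source: { message: 'login failed for <b>admin</b>' } }] },
};
const req = buildWorkItemRequest(sample, { org: 'example-org', project: 'example-project',
  pat: process.env.AZDO_PAT ?? 'constructed-pat', threshold: 10 });
console.log(req.url);
console.log(req.body);
```

In n8n itself, keep the Personal Access Token in a stored credential rather than in the node's URL or body, and scope it to work-item write access only.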
Workflow JSON
{
"id": "dcbfd90c-0a12-4031-a201-e085fc2dee67",
"name": "Automated Elasticsearch Alerting and Azure DevOps Task Creation",
"nodes": 21,
"category": "DevOps",
"status": "active",
"version": "1.0.0"
}
Note: This is a sample preview. The full workflow JSON contains node configurations, credentials placeholders, and execution logic.
About the Author
N8N_Community_Pick
Curator
Hand-picked high quality workflows from the global community.