How to set up alerts based on application logs?

We are looking to replace a vendor product which can be configured to monitor log files for certain patterns like Exceptions or ERROR.
I am trying to use InfluxData tools for this. I managed to set up Telegraf to grok the log file and feed it to InfluxDB. I could see that log data to an extent in Grafana and plot a graph as well. However, I cannot use Prometheus for alerts as it doesn't fit in our security requirements. I am looking at Kapacitor and Chronograf, however I don't see how I can use string data to set up alerts in Kapacitor/Chronograf.
Has anyone done this before? Any inputs will be greatly appreciated.

Thanks

It looks like I have to write a TICK script, something like this:

stream
    |from()
        .measurement('sample_log')
    |alert()
        .crit(lambda: string("severity") == 'ERROR')
        .log('/tmp/alerts.log')
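
A fuller variant of the TICKscript in the post above, added here as an example and not part of the original thread: it matches string data with a regex as well as the severity value, and alerts on the number of matching lines per minute instead of on every line. The `message` field, the `host` tag, the window size and the thresholds are assumptions; `sample_log`, `severity` and the log path come from the post.

```tickscript
// Added example. Assumes the Telegraf grok pattern emits the log text as a
// field named "message" and that each point carries a "host" tag.
stream
    |from()
        .measurement('sample_log')
        // String comparison and regex match both work on string tags/fields.
        .where(lambda: "severity" == 'ERROR' OR "message" =~ /Exception/)
        // One alert state per host, so a noisy host does not mask a quiet one.
        .groupBy('host')
    // Collect matching lines into one-minute batches.
    |window()
        .period(1m)
        .every(1m)
    // Number of matching lines in each batch, emitted as the field "count".
    |count('message')
    |alert()
        .id('{{ .Name }}/{{ index .Tags "host" }}')
        .message('{{ .ID }} is {{ .Level }}: {{ index .Fields "count" }} matching log lines in the last minute')
        // Thresholds are placeholders; tune them to the application's normal error rate.
        .warn(lambda: "count" >= 1)
        .crit(lambda: "count" >= 10)
        // Only write an event when the level changes, not on every batch.
        .stateChangesOnly()
        .log('/tmp/alerts.log')
```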
