
Added syslog alerter

Open monwolf opened this issue 8 years ago • 6 comments

I would like to contribute to your project with my basic syslog alerter.

monwolf avatar Nov 25 '17 18:11 monwolf

I don't understand why it is not passing the test.

monwolf avatar Dec 01 '17 10:12 monwolf

The test failure is unrelated to your code changes. A new version of pytest or some dev dependency caused the failures. It's now been fixed in master.

Qmando avatar Dec 05 '17 18:12 Qmando

Would be nice to get this one merged. What needs to be done?

admlko avatar Sep 04 '18 05:09 admlko

This can probably be merged. I'll take a look at it again.

In the meantime, you could try using command alerter + logger.

alert:
- command
command: ["/usr/bin/logger", "-t", "elastalert"]
pipe_match_json: true

Qmando avatar Sep 04 '18 20:09 Qmando

@Qmando Great news! Thanks for the suggestion. I'm using logger currently, but I haven't figured out a way to spoof the hostname in the syslog message field. I would like to be able to rewrite what I want in that.

admlko avatar Sep 05 '18 05:09 admlko
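An added example, not part of this thread or of the ElastAlert code base: a small script that the command alerter with `pipe_match_json: true` could call in place of `/usr/bin/logger`, reading the match JSON from stdin and sending it as an RFC 5424 message with a caller-chosen HOSTNAME field. The argument order, the local0/warning priority, UDP transport and accepting either a single JSON object or a list on stdin are assumptions of this sketch.

```python
#!/usr/bin/env python3
"""Read ElastAlert match JSON on stdin and forward it as RFC 5424 syslog."""
import json
import socket
import sys
from datetime import datetime, timezone

FACILITY_LOCAL0 = 16   # assumption: alerts are logged under local0
SEVERITY_WARNING = 4   # assumption: alerts are logged as warnings


def clean_header(value, limit):
    """Header fields must be printable ASCII without spaces; '-' is the nil value."""
    out = "".join(c for c in str(value) if 33 <= ord(c) <= 126)[:limit]
    return out or "-"


def build_message(match, hostname, app="elastalert", now=None):
    """Return one RFC 5424 line carrying the match as compact JSON in MSG."""
    now = now or datetime.now(timezone.utc)
    pri = FACILITY_LOCAL0 * 8 + SEVERITY_WARNING
    ts = now.strftime("%Y-%m-%dT%H:%M:%S.%f")[:-3] + "Z"
    # json.dumps escapes newlines, so a match field cannot start a second log line
    msg = json.dumps(match, sort_keys=True, separators=(",", ":"))
    # PROCID, MSGID and STRUCTURED-DATA are left as nil ("-")
    return "<%d>1 %s %s %s - - - %s" % (
        pri, ts, clean_header(hostname, 255), clean_header(app, 48), msg)


def parse_matches(text):
    """Accept a single match object or a list of matches."""
    data = json.loads(text)
    return data if isinstance(data, list) else [data]


def main(argv):
    # usage: syslog_forward.py HOSTNAME SYSLOG_HOST [PORT]  (hypothetical script name)
    hostname, dest = argv[1], argv[2]
    port = int(argv[3]) if len(argv) > 3 else 514
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    for match in parse_matches(sys.stdin.read()):
        sock.sendto(build_message(match, hostname).encode("utf-8"), (dest, port))
    sock.close()


if __name__ == "__main__":
    main(sys.argv)
```

Because the hostname may come from a field of the matched document, `clean_header` strips spaces and control characters so the value cannot shift the remaining header fields or split the message.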

@Qmando any update on this?

admlko avatar Sep 17 '18 09:09 admlko