
Is there a way to make that work with ES 7.5?

Open romankor opened this issue 5 years ago • 4 comments

01:49:00.977Z  INFO elastalert-server: Server:  Server started
01:49:01.822Z ERROR elastalert-server:
    ProcessController:  Traceback (most recent call last):
      File "/usr/lib/python2.7/runpy.py", line 174, in _run_module_as_main
        "__main__", fname, loader, pkg_name)
01:49:01.824Z ERROR elastalert-server:
    ProcessController:    File "/usr/lib/python2.7/runpy.py", line 72, in _run_code
        exec code in run_globals
      File "/opt/elastalert/elastalert/elastalert.py", line 1929, in <module>
        sys.exit(main(sys.argv[1:]))
      File "/opt/elastalert/elastalert/elastalert.py", line 1925, in main
        client.start()
      File "/opt/elastalert/elastalert/elastalert.py", line 1106, in start
01:49:01.826Z ERROR elastalert-server:
    ProcessController:      self.run_all_rules()
01:49:01.827Z ERROR elastalert-server:
    ProcessController:    File "/opt/elastalert/elastalert/elastalert.py", line 1158, in run_all_rules
01:49:01.829Z ERROR elastalert-server:
    ProcessController:      self.send_pending_alerts()
01:49:01.830Z ERROR elastalert-server:
    ProcessController:    File "/opt/elastalert/elastalert/elastalert.py", line 1534, in send_pending_alerts
01:49:01.831Z ERROR elastalert-server:
    ProcessController:      pending_alerts = self.find_recent_pending_alerts(self.alert_time_limit)
      File "/opt/elastalert/elastalert/elastalert.py", line 1526, in find_recent_pending_alerts
01:49:01.832Z ERROR elastalert-server:
    ProcessController:      size=1000)
      File "/usr/lib/python2.7/site-packages/elasticsearch-7.0.1-py2.7.egg/elasticsearch/client/utils.py", line 84, in _wrapped
01:49:01.833Z ERROR elastalert-server:
    ProcessController:      return func(*args, params=params, **kwargs)
01:49:01.834Z ERROR elastalert-server:
    ProcessController:  TypeError: search() got an unexpected keyword argument 'doc_type'

I am running that in Kubernetes:

Image: bitsensor/elastalert:2.0.1

Startup line: command: ['sh', '-c', 'apk add py2-pip && pip install elasticsearch==6.3.1 && npm start']

Am I getting it right that you guys do not want to develop that any more? I see PRs not being touched for half a year ...

romankor avatar Jan 09 '20 20:01 romankor

Same issue here: the image is outdated, and you need a more recent elastalert (as this is a wrapper around it). I currently solved it by rebuilding the latest 3.0.0-beta elastalert-server including elastalert version 0.2.1; this error is no more, but I have an issue with the kibana python libs:

15:39:39.092Z ERROR elastalert-server:
    ProcessController:      exec code in run_globals
      File "/opt/elastalert/elastalert/elastalert.py", line 28, in <module>
        from . import kibana
      File "elastalert/kibana.py", line 4, in <module>
        import urllib.error
    ImportError: No module named error

lcorsini avatar Jan 20 '20 15:01 lcorsini

I have been trying to make it work, but no success so far ...

mrwhoo avatar Jan 22 '20 00:01 mrwhoo

The latest Elastalert requires python 3 to run -- see #117, #122, and #155 for possible solutions on how to go about that.

coandco avatar Feb 03 '20 17:02 coandco

Thanks @coandco, it was good to see your name again, and I really wanted to see this update happen.

Checking against your pull request, it looks like it works as written on Elasticsearch 7.5.0.

andrewbierbaum avatar Feb 09 '20 01:02 andrewbierbaum