elastalert2
elastalert2 copied to clipboard
jertel
ElastAlert 2 is a continuation of the original yelp/elastalert project. Pull requests are appreciated!
The `top_events_%s` keys are not populated when there is only one matching result. Maybe the conditional linked below should return something more like `return {endtime: 1}` if the `res['hits']['total']['value'] ==...
Suppose the following scenario: 1. You have defined a spike rule with the following config (strongly inspired from the examples): ```yaml # (Required) # Rule name, must be unique name:...
If you are looking for support, please open a new discussion topic rather than creating a new issue. Others may find they have a similar question and will be able...
## Description Allows any color for Slack messages. Currently only 3 values are supported in the library, but I would like it to be any hex color value as per...
## Description Hi. For now it's still draft but I'm exploring how elastalert2 can comply with [Quickwit](https://quickwit.io/). To provide a bit of context: - I use to enjoy working with...
This PR fixes issue #1384.
## 1. Exception Log: ``` ERROR:elastalert:Traceback (most recent call last): File "elastalert2/elastalert/elastalert.py", line 1260, in handle_rule_execution num_matches = self.run_rule(rule, endtime, rule.get('initial_starttime')) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "elastalert2/elastalert/elastalert.py", line 883, in run_rule if not...
Hi, using `elastalert2==2.15.0` we encountered an error with jinja2 absolute template path not working: ```yaml jinja_template_path: /opt/elastalert/config/jinja_template.txt ``` It raises the following exception: ``` jinja2.exceptions.TemplateNotFound: /opt/elastalert/config/jinja_template.txt ``` Elastalert is installed...
## Description A rule for TheHive can currently only set a static severity with possible values being {1, 2, 3, 4}. The alerts in my project are highly dynamic with...
Good morning, An attempt has been made to run elastalert on Docker, version 2.2, with the following file: ``` es_host: *************** es_port: ******* alert: - debug description: Test Rule filter:...
