
Updating IRIS Alerter to use ElastAlert Alerter defaults

Open bvirgilioamnh opened this issue 5 months ago • 1 comments

Description

Currently, the IRIS alert uses rule-supplied values for the description and simply uses the rule title for the alert title. This significantly reduces the ability to dynamically create/repurpose alerts, as the rule creator must tailor each individual alert with a custom description. Additionally, this description field as it stands does not resolve any variable or template fields, resulting in a static description for all alerts.

This PR aims to resolve this by using the built-in create_alert_body() and create_title() functions within the Alerter class.

As this is possibly a breaking change, I'm opening this PR as a draft for discussion.

Checklist

  • [x] I have reviewed the contributing guidelines.
  • [ ] I have included unit tests for my changes or additions.
  • [ ] I have successfully run make test-docker with my changes.
  • [ ] I have manually tested all relevant modes of the change in this PR.
  • [ ] I have updated the documentation.
  • [ ] I have updated the changelog.

Questions or Comments

Do not merge this PR until discussed! :)

bvirgilioamnh, Sep 09 '24 13:09