elastalert-tutorial
elastalert-tutorial copied to clipboard
Published
20 hours ago •
manankalra
manankalra
ElastAlert says it send email to @ but I never received any
That is how I configure my rule: `# Memory alert
(Optional)
Elasticsearch host
es_host: x.x.x.x
(Optional)
Elasticsearch port
es_port: 9200
(OptionaL) Connect with SSL to Elasticsearch
#use_ssl: True
(Optional) basic-auth username and password for Elasticsearch
#es_username: someusername #es_password: somepassword
(Required)
Rule name, must be unique
name: Memory Alert
(Required)
Type of alert.
type: metric_aggregation
aggregate: minutes: 1 realert: minutes: 0
(Required)
Index to search, wildcard supported
index: metricbeat-* metric_agg_key: system.memory.actual.used.pct metric_agg_type: avg
bucket_interval: seconds: 10 sync_bucket_interval: true #min_threshold: 0.1 max_threshold: 0.50 filter:
- term: metricset.name: memory
The alert is use when a match is found
alert:
- "debug"
- "email"
email:
- "name@domain"
- "name@domain"
from_addr: "[email protected]"
#smtp_auth_file: "/opt/elastalert/rules/smtp_auth_file.yaml"
`
That's the elastalert journal screen shot:
ES 7.1.1 is running on my server.
