elastalert-server job from praeco/0.2.0

Github source: 47cc17e or master branch

Properties¶

elastalert¶

alert_time_limit¶

the retry window for failed alerts.

Default

days: 2

buffer_time¶

the size of the query window, stretching backwards from the time each query is run.

Default

minutes: 15

es_host¶

the address of an Elasticsearch cluster where ElastAlert will store data about its state, queries run, alerts, and errors.

Default

localhost

es_port¶

the port corresponding to es_host.

Default

"9200"

rules¶

List of ElastAlert rules

Example

|+
  - name: Example rule
    type: frequency
    index: logstash-*
    num_events: 50
    timeframe:
        hours: 4
    filter:
    - term:
        some_field: "some_value"
    alert:
    - "email"
    email:
    - "[email protected]"

rules_folder¶

The name of the folder which contains rule configuration files.

Default

/var/vcap/jobs/elastalert/rules

run_every¶

how often ElastAlert will query Elasticsearch.

Default

minutes: 1

writeback_index¶

the name of the index in which ElastAlert will store data.

Default

elastalert_status

Templates¶

Templates are rendered and placed onto corresponding instances during the deployment process. This job's templates will be placed into /var/vcap/jobs/elastalert-server/ directory (learn more).

• bin/ctl (from bin/ctl)
• bin/ctl_utils.sh (from bin/ctl_utils.sh)
• bin/pre-start (from bin/pre-start.sh)
• config/config.json (from config/config.json.erb)
• config/config.yaml (from config/elastalert.yaml)

Packages¶

Packages are compiled and placed onto corresponding instances during the deployment process. Packages will be placed into /var/vcap/packages/ directory.

• elastalert-server
• node