update elastalert

2025-08-10 22:31:28 +02:00 · 2019-10-30 23:40:46 +08:00
parent 9fc9538617
commit dcf5a2295e
4 changed files with 16 additions and 10 deletions
--- a/elastalert/data/config.yaml
+++ b/elastalert/data/config.yaml
@@ -12,7 +12,7 @@ rules_folder: rules
 # How often ElastAlert will query elasticsearch
 # The unit can be anything from weeks to seconds
 run_every:
-  minutes: 1
+  minutes: 5

 # ElastAlert will buffer results from the most recent
 # period of time, in case some log sources are not in real time
@@ -46,4 +46,4 @@ writeback_index: elastalert_status
 # If an alert fails for some reason, ElastAlert will retry
 # sending the alert until this time period has elapsed
 alert_time_limit:
-  hours: 2
+  days: 2
--- a/elastalert/data/rules/example.yaml
+++ b/elastalert/data/rules/example.yaml
@@ -8,7 +8,10 @@ use_count_query: true
 num_events: 10

 timeframe:
-  hours: 1
+  minutes: 5
+
+realert:
+  minutes: 60

 filter:
 - query:
@@ -16,11 +19,10 @@ filter:
      query: 'response:[500 TO *]'

 alert:
+- command:
+    command: [echo, bad, things, happen]
 - slack:
    slack_webhook_url: https://hooks.slack.com/services/XXXXXXXXX/XXXXXXXXX/XXXXXXXXXXXXXXXXXXXXXXXX
    slack_username_override: ElastAlert
    slack_channel_override: '#monit'
    slack_emoji_override: ':bell:'
- command
-
-command: [echo, bad, things, happen]