mirror of
https://github.com/vimagick/dockerfiles.git
synced 2024-12-23 01:39:27 +02:00
30 lines
561 B
YAML
30 lines
561 B
YAML
name: example rule
|
|
is_enabled: true
|
|
es_host: elasticsearch
|
|
es_port: 9200
|
|
type: frequency
|
|
index: logstash-*
|
|
doc_type: _doc
|
|
use_count_query: true
|
|
num_events: 10
|
|
|
|
timeframe:
|
|
minutes: 5
|
|
|
|
realert:
|
|
minutes: 60
|
|
|
|
filter:
|
|
- query:
|
|
query_string:
|
|
query: 'response:[500 TO *]'
|
|
|
|
alert:
|
|
- command:
|
|
command: [echo, bad, things, happen]
|
|
- slack:
|
|
slack_webhook_url: https://hooks.slack.com/services/XXXXXXXXX/XXXXXXXXX/XXXXXXXXXXXXXXXXXXXXXXXX
|
|
slack_username_override: ElastAlert
|
|
slack_channel_override: '#monit'
|
|
slack_emoji_override: ':bell:'
|