---
# ElastAlert rule: alert when at least `num_events` matching documents are
# seen within `timeframe`.
name: 'example rule'

# Elasticsearch endpoint queried by this rule.
# NOTE(review): no TLS or credential options are set in this file. Confirm
# whether they come from the global config, or whether the cluster is only
# reachable on a trusted network.
es_host: 'elasticsearch'
es_port: 9200

type: 'frequency'
index: 'logstash-*'
doc_type: '_doc'
# Ask Elasticsearch for a hit count instead of downloading matching documents.
use_count_query: true
num_events: 10

timeframe:
  hours: 1

filter:
  # Inclusive range on the `response` field (500 and above).
  # Presumably an HTTP status code; verify against the index mapping.
  - query:
      query_string:
        query: 'response:[500 TO *]'

alert:
  - slack:
      # An incoming-webhook URL acts as a credential: anyone holding it can
      # post to the channel. The value below is a placeholder; supply the real
      # one at deploy time and keep it out of version control.
      slack_webhook_url: 'https://hooks.slack.com/services/XXXXXXXXX/XXXXXXXXX/XXXXXXXXXXXXXXXXXXXXXXXX'
      slack_username_override: 'ElastAlert'
      slack_channel_override: '#monit'
      slack_emoji_override: ':bell:'
  - command

# Runs a local process on the ElastAlert host for every alert.
# The argument-list form is executed without a shell. Keep it that way if
# match fields are ever interpolated, since log content can be influenced by
# whoever generates the traffic being logged.
command:
  - 'echo'
  - 'bad'
  - 'things'
  - 'happen'