mirror of https://github.com/vimagick/dockerfiles.git synced 2024-12-25 02:04:06 +02:00
dockerfiles/elastalert/data/rules/example.yaml
2019-10-30 20:04:37 +08:00


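---
# Example ElastAlert rule: raise an alert when HTTP 5xx responses pile up.
# The nesting below is restored from the key order; with every key flush
# left, `hours`, `query_string` and the slack_* options would be parsed as
# top-level keys instead of belonging to `timeframe`, `filter` and `alert`.
name: example rule

# Elasticsearch endpoint the rule queries. No TLS or credentials are set
# here; when the cluster requires them, ElastAlert's use_ssl, es_username
# and es_password options cover that.
es_host: elasticsearch
es_port: 9200

# `frequency` fires once at least `num_events` matching documents fall
# inside `timeframe`. With `use_count_query` the rule asks Elasticsearch
# for counts only, so matched document fields are not fetched.
type: frequency
index: 'logstash-*'
doc_type: _doc
use_count_query: true
num_events: 10
timeframe:
  hours: 1

# Lucene range query: any document whose `response` field is 500 or above.
filter:
  - query:
      query_string:
        query: 'response:[500 TO *]'

alert:
  - slack:
      # Placeholder value. A real incoming-webhook URL is a bearer secret:
      # whoever holds it can post to the channel, so keep it out of version
      # control and supply it at deploy time.
      slack_webhook_url: 'https://hooks.slack.com/services/XXXXXXXXX/XXXXXXXXX/XXXXXXXXXXXXXXXXXXXXXXXX'
      slack_username_override: ElastAlert
      slack_channel_override: '#monit'
      slack_emoji_override: ':bell:'
  - command

# Options for the `command` alerter listed above. The list form runs the
# program directly with fixed arguments; ElastAlert passes the string form
# through a shell, so keep the list form if match fields are ever added
# to the arguments.
command: [echo, bad, things, happen]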