update elastalert
parent
3e1c0d9d79
commit
cb3370fc15
@ -77,6 +77,7 @@ A collection of delicious docker recipes.
|
|||||||
- [x] cadvisor
|
- [x] cadvisor
|
||||||
- [x] casperjs :+1:
|
- [x] casperjs :+1:
|
||||||
- [x] collectd
|
- [x] collectd
|
||||||
|
- [x] elastalert
|
||||||
- [x] freegeoip
|
- [x] freegeoip
|
||||||
- [x] freeradius
|
- [x] freeradius
|
||||||
- [x] frp :cn:
|
- [x] frp :cn:
|
||||||
@ -269,7 +270,6 @@ A collection of delicious docker recipes.
|
|||||||
- [x] cachethq/docker
|
- [x] cachethq/docker
|
||||||
- [x] drone/drone
|
- [x] drone/drone
|
||||||
- [x] drupal
|
- [x] drupal
|
||||||
- [x] elastalert
|
|
||||||
- [x] elk
|
- [x] elk
|
||||||
- [x] flogo/flogo-docker
|
- [x] flogo/flogo-docker
|
||||||
- [x] mher/flower
|
- [x] mher/flower
|
||||||
|
@ -6,19 +6,25 @@ FROM python:3.6-alpine
|
|||||||
|
|
||||||
ENV ELASTALERT_VERSION=v0.2.1
|
ENV ELASTALERT_VERSION=v0.2.1
|
||||||
ENV ELASTALERT_HOME=/opt/elastalert
|
ENV ELASTALERT_HOME=/opt/elastalert
|
||||||
|
ENV TZ=UTC
|
||||||
|
|
||||||
WORKDIR ${ELASTALERT_HOME}
|
WORKDIR ${ELASTALERT_HOME}
|
||||||
|
|
||||||
RUN set -xe \
|
RUN set -xe \
|
||||||
|
&& apk add --no-cache \
|
||||||
|
bash \
|
||||||
|
curl \
|
||||||
|
libffi \
|
||||||
|
libmagic \
|
||||||
|
libssl1.1 \
|
||||||
|
musl \
|
||||||
|
tzdata \
|
||||||
&& apk add --no-cache -t .build-deps \
|
&& apk add --no-cache -t .build-deps \
|
||||||
build-base \
|
build-base \
|
||||||
curl \
|
|
||||||
libffi-dev \
|
libffi-dev \
|
||||||
libmagic \
|
|
||||||
musl-dev \
|
musl-dev \
|
||||||
openssl-dev \
|
openssl-dev \
|
||||||
python-dev \
|
python3-dev \
|
||||||
tzdata \
|
|
||||||
&& pip install elastalert==${ELASTALERT_VERSION} \
|
&& pip install elastalert==${ELASTALERT_VERSION} \
|
||||||
&& mkdir -p rules \
|
&& mkdir -p rules \
|
||||||
&& curl -sSL https://github.com/Yelp/elastalert/raw/${ELASTALERT_VERSION}/config.yaml.example > config.yaml \
|
&& curl -sSL https://github.com/Yelp/elastalert/raw/${ELASTALERT_VERSION}/config.yaml.example > config.yaml \
|
||||||
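Review bot: `bash` and `curl` now sit in the runtime `apk add --no-cache` list instead of `.build-deps`, so both stay in the final image, while the only use of curl visible here is the build-time fetch of `config.yaml.example`. Unless something outside this hunk (an entrypoint or health check) needs them, keeping `curl` in `.build-deps` and dropping `bash` leaves a smaller image with fewer tools available to anyone who obtains a shell in the container. The fetch itself uses `curl -sSL` without `-f`, so an HTTP error page would be written to `config.yaml` and the build would still succeed; `curl -fsSL` turns that into a build failure. The RUN instruction continues past the end of the hunk, so any later cleanup of `.build-deps` is not visible here.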
|
@ -7,11 +7,11 @@ patterns of interest from data in Elasticsearch.
|
|||||||
## up and running
|
## up and running
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
$ docker-compose up -d
|
$ docker-compose run --rm elastalert sh
|
||||||
$ docker-compose exec elastalert sh
|
>>> elastalert-create-index --config config.yaml
|
||||||
>>> cd /opt/elastalert/rules
|
>>> elastalert-test-rule --config config.yaml rules/example.yaml
|
||||||
>>> elastalert-test-rule example.yaml
|
|
||||||
>>> exit
|
>>> exit
|
||||||
|
$ docker-compose up -d
|
||||||
```
|
```
|
||||||
|
|
||||||
> ElastAlert will also load new rules, stop running missing rules, and restart
|
> ElastAlert will also load new rules, stop running missing rules, and restart
|
||||||
|
@ -7,8 +7,12 @@ type: frequency
|
|||||||
|
|
||||||
index: logstash-*
|
index: logstash-*
|
||||||
|
|
||||||
|
doc_type: _doc
|
||||||
|
|
||||||
num_events: 10
|
num_events: 10
|
||||||
|
|
||||||
|
use_count_query: true
|
||||||
|
|
||||||
timeframe:
|
timeframe:
|
||||||
hours: 1
|
hours: 1
|
||||||
|
|
||||||
@ -20,6 +24,4 @@ filter:
|
|||||||
alert:
|
alert:
|
||||||
- command
|
- command
|
||||||
|
|
||||||
command:
|
command: [echo, bad, things, happen]
|
||||||
- echo
|
|
||||||
- "{match[@timestamp]} {match[message]}"
|
|
||||||
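Review bot: The static `command: [echo, bad, things, happen]` drops the `{match[@timestamp]} {match[message]}` argument the example used before, so the alert output no longer says what matched or when, which is the first thing someone triaging it needs. This is presumably a consequence of `use_count_query: true`, under which matches likely carry counts rather than document fields. A comment next to that setting, such as `# count queries return hit counts only, so match fields like message are not available to the alert`, would make the trade-off explicit. `doc_type: _doc` appears to be there because count queries need it, which is worth a short comment as well.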
|