\u5f00\u53d1\u8005\uff1aElastic
\n\u6536\u8d39\u7684<\/p>\n
\u8ba9\u6211\u4eec\u5f00\u59cb\u4f7f\u7528 Watcher<\/p>\n
\u5c1d\u8bd5\u4f7f\u7528Elasticsearch\u8b66\u62a5\u68c0\u6d4b\u63d2\u4ef6\u201cWatcher\u201d
\n\u9047\u5230\u548c\u5e94\u5bf9Elastic Stack\u8b66\u62a5\u7684\u95ee\u9898\u4e0e\u89e3\u51b3\u65b9\u6cd5
\n\u53ef\u89c6\u5316Elastic Stack\u9884\u8b66\u68c0\u6d4b\u7ed3\u679c-\u5f02\u5e38\u68c0\u6d4b\u901a\u77e5
\n\u4f7f\u7528Elasticsearch\u63d2\u4ef6\u201cShield\u201d\u548c\u201cWatcher\u201d\u8fdb\u884c\u975e\u6cd5\u8bbf\u95ee\u5ba1\u8ba1
\n\u5c1d\u8bd5\u4f7f\u7528Elastic Stack\u7684X-Pack\uff08Watcher\u90e8\u5206\uff09<\/p>\n
\u5f00\u53d1\u8005\uff1a\u5f39\u6027\u641c\u7d22<\/p>\n
<\/p>\n
\u4f7f\u7528Elastic Stack\u3001Prometheus\u548cFluentd\u76f8\u7ed3\u5408\u6765\u76d1\u89c6Kubernetes\u3002
\n\u53c2\u8003\u6587\u7ae0\u94fe\u63a5\uff1ahttps:\/\/www.elastic.co\/jp\/blog\/monitoring-kubernetes-with-the-elastic-stack-using-prometheus-and-fluentd<\/p>\n
\u5728 Prometheus \u7684\u90e8\u7f72\u4e2d\uff0cAlertmanager \u88ab\u7981\u7528\u4e86\u3002\u5982\u679c\u4f7f\u7528 Elastic Stack \u6536\u96c6\u65e5\u5fd7\u548c\u6307\u6807\uff0c\u53ef\u4ee5\u4f7f\u7528 Kibana Alert \u6765\u5b9e\u73b0\u8b66\u62a5\u529f\u80fd\uff0c\u800c\u4e0d\u662f\u4f7f\u7528 Alertmanager\u3002\u4e0d\u4ec5\u53ef\u4ee5\u5229\u7528 Prometheus \u7684\u6307\u6807\uff0c\u8fd8\u53ef\u4ee5\u5229\u7528 Elasticsearch \u4e2d\u5b58\u50a8\u7684\u65e5\u5fd7\u548c\u5176\u4ed6\u7d22\u5f15\u7684\u6570\u636e\uff0c\u8fd8\u53ef\u4ee5\u5b9e\u73b0\u66f4\u9ad8\u7ea7\u7684\u57fa\u4e8e\u673a\u5668\u5b66\u4e60\u7684\u8b66\u62a5\u529f\u80fd\u3002<\/p><\/blockquote>\n
\u5f39\u6027\u8b66\u62a5<\/h2>\n
\u5f00\u53d1\u8005\uff1aYelp
\n\u4f7f\u7528Python\u8fdb\u884c\u5f00\u53d1\u3002
\n\u4f7f\u7528Python\u5e93”elasticsearch-py”\u3002
\nhttps:\/\/pypi.org\/project\/elasticsearch\/
\n\u91c7\u7528Apache License 2.0\u8bb8\u53ef\u8bc1
\n\u7248\u672c\u4e3a0.2.4 (2020\/04\/17)
\nhttps:\/\/pypi.org\/project\/elastalert\/<\/p>\n\u30fb\u4ec5\u4ec5\u57fa\u4e8e\u547d\u4ee4\u548c\u8bbe\u7f6e\u6587\u4ef6\uff08YAML\uff09\u8fdb\u884c\u64cd\u4f5c\u3002
\n\u30fb\u4ece0.2.0b2\u5f00\u59cb\u652f\u6301Elasticsearch 7.x\u3002
\n\u30fb\u4ece0.2.0\u5f00\u59cb\u652f\u6301Python3\u3002
\n\u30fb\u4e0d\u518d\u4fee\u590d\u9519\u8bef\u6216\u6dfb\u52a0\u529f\u80fd\u3002
\n\u30fb\u4e0d\u652f\u6301Python 3.9\u53ca\u4ee5\u4e0a\u7248\u672c\u3002
\n\u30fb\u4e0d\u652f\u6301Elasticsearch 8\u3002
\n\u8bf7\u4e0d\u8981\u8ba9\u5b83\u6d88\u4ea1\u3002ElastAlert\u7684\u7528\u4f8b\u975e\u5e38\u5f3a\u5927\u3002\uff032947
\n\u662f\u5426\u6709\u5176\u4ed6\u4eba\u6765\u7ef4\u62a4\u8fd9\u4e2a\u9879\u76ee\uff1f\uff032946
\nElastAlert\u9879\u76ee\u7684\u73b0\u72b6\uff032911<\/p>\nAWS\u7684OpenSearch<\/p>\n
\n
- \n
\u5bfe\u5fdc\u3057\u3066\u3044\u306a\u3044\u3002\u6b63\u5e38\u306b\u52d5\u304b\u306a\u3044(\u5185\u90e8\u306eElasticsearch \u30d0\u30fc\u30b8\u30e7\u30f3\u306f7.10.2\u3060\u304c\u3001\u30d0\u30fc\u30b8\u30e7\u30f3\u30921.0.0\u3068\u8fd4\u3057\u3066\u3057\u307e\u3046\u3002\u30d0\u30fc\u30b8\u30e7\u30f3\u30c1\u30a7\u30c3\u30af\u3067Elasticsearch 5\u306e\u51e6\u7406\u306b\u3044\u3063\u3066\u3057\u307e\u3046)<\/ul>\n<\/li>\n<\/ul>\n
<\/p>\n
ElastAlert2\u306f\u5bfe\u5fdc\u3092\u958b\u59cb\u3057\u305f\u3002<\/ul>\n
Elasticsearch\u7684Bearer\u8ba4\u8bc1<\/p>\n
\n
- \n
\u5bfe\u5fdc\u3057\u3066\u3044\u306a\u3044\u3002<\/ul>\n<\/li>\n<\/ul>\n
<\/p>\n
ElastAlert2\u306f\u5bfe\u5fdc\u3057\u3066\u308b\u3002<\/ul>\n
Elasticsearch\u7684ApiKey\u8ba4\u8bc1\u65b9\u5f0f.<\/p>\n
\n
- \n
\u5bfe\u5fdc\u3057\u3066\u3044\u306a\u3044\u3002<\/ul>\n<\/li>\n<\/ul>\n
<\/p>\n
ElastAlert2\u306f\u5bfe\u5fdc\u3057\u3066\u308b\u3002<\/ul>\n
Elasticsearch\u7684\u4ee3\u7406\u8fde\u63a5<\/p>\n
\u7f3a\u5c11\u4ee3\u7406\u914d\u7f6e\u529f\u80fd<\/p>\n
\n
- \n
\u5bfe\u5fdc\u3057\u3066\u3044\u306a\u3044\u3002<\/ul>\n<\/li>\n<\/ul>\n
<\/p>\n
ElastAlert2\u3082\u5bfe\u5fdc\u3057\u3066\u3044\u306a\u3044\u3002<\/ul>\n
Python 3.9\u53ca\u5176\u4ee5\u540e\u7684\u7248\u672c\u65e0\u6cd5\u6b63\u5e38\u8fd0\u884c\u3002<\/p>\n
\u5728Python 3.9\u4e2d\uff0cblist\u4e0d\u518d\u8d77\u4f5c\u7528\u3002
\nElastalert\u5728Python 3.9\u4e0a\u7531\u4e8eblist\u4f9d\u8d56\u9879\u51fa\u73b0\u6545\u969c\u3002<\/p>\nElastAlert2\u306f\u5bfe\u5fdc\u3057\u3066\u308b\u3002<\/ul>\n
\u53ea\u6709\u6309\u7167\u4ee5\u4e0b\u65b9\u5f0f\u7f16\u5199\uff0cAWS SNS\u624d\u80fd\u6b63\u5e38\u8fd0\u884c\u3002<\/p>\n
alert<\/span>:<\/span>\r\n -<\/span> sns<\/span>:<\/span>\r\n aws_region<\/span>:<\/span> '<\/span>us-east-1'<\/span>\r\n sns_topic_arn<\/span>:<\/span> '<\/span>arn:aws:sns:us-east-1:123456789:somesnstopic'<\/span>\r\n aws_access_key_id<\/span>:<\/span> '<\/span>XXXXXXXXXXXXXXXXXX'<\/span>\r\n aws_secret_access_key<\/span>:<\/span> '<\/span>YYYYYYYYYYYYYYYYYYYY'<\/span>\r\n<\/code><\/pre>\n\u5f53\u641c\u7d22\u7ed3\u679c\u8d85\u8fc710,000\u6761\u65f6\uff0c\u5728\u641c\u7d22\u7ed3\u679c\u9875\u9762\u5c06\u663e\u793a10,000\u6761\u4ee5\u4e0a\u3002<\/p>\n
\u5982\u679c\u5c06track_total_hits\u8bbe\u7f6e\u4e3atrue\uff0c\u5c31\u53ef\u4ee5\u641c\u7d22\u8d85\u8fc710,000\u6b21\u547d\u4e2d\u7684\u7ed3\u679c\uff0c\u4f46\u662f\u5f53\u524d\u7684\u5b9e\u73b0\u4e0d\u652f\u6301\u5c06track_total_hit\u8bbe\u7f6e\u4e3atrue\u7684\u914d\u7f6e\u66f4\u6539\u3002<\/p>\n
\u5f53\u5c06Elasticsearch\u5347\u7ea7\u81f37.X\u7248\u672c\u540e\uff0c\u547d\u4e2d\u6570(hits)\u53d8\u4e3a10,000\u3002<\/p>\n
\u5728\u9ed1\u540d\u5355\u3001\u767d\u540d\u5355\u4e2d\uff0c\u6709\u4e00\u4e2a1024\u7684\u9650\u5236\u3002<\/p>\n
\u9ed1\u540d\u5355\u8fc7\u6ee4\u5668\u5305\u542b10,000\u591a\u4e2a\u6761\u76ee\uff0c\u901f\u5ea6\u6781\u6162
\n\u5f53\u6587\u4ef6\u4e2d\u7684\u9ed1\u540d\u5355\u89c4\u5219\u8d85\u8fc71024\u4e2a\u6761\u76ee\u65f6\uff0c\u201c\u89e3\u6790\u67e5\u8be2\u5931\u8d25\u201d
\n\u9ed1\u540d\u5355\u884c\u6570\u9650\u5236<\/p>\n\u7535\u5b50\u90ae\u4ef6\u63d0\u9192\u7684\u9650\u5236<\/p>\n
\n
- \n
Microsoft 365(\u65e7\u540d\u79f0Office 365)\u306ffrom_addr\u306b\u8a2d\u5b9a\u306b\u5bfe\u5fdc\u3057\u3066\u3044\u307e\u305b\u3093\u3002to,cc,bcc\u306b\u6307\u5b9a\u306f\u554f\u984c\u7121\u3057\u3002<\/ul>\n<\/li>\n<\/ul>\n
<\/p>\n
Gmail\u3092from_addr\u306b\u8a2d\u5b9a\u3059\u308b\u5834\u5408\u3001Google\u306e\u8a2d\u5b9a\u3067\u5b89\u5168\u6027\u306e\u4f4e\u3044\u30a2\u30d7\u30ea\u306e\u30a2\u30af\u30bb\u30b9\u3092\u6709\u52b9\u306b\u3057\u306a\u3044\u3068\u30e1\u30fc\u30eb\u306e\u9001\u4fe1\u304c\u3067\u304d\u307e\u305b\u3093\u3002<\/ul>\n
Kibana\u7684\u4eea\u8868\u76d8\u76f8\u5173\u529f\u80fd\u65e0\u6cd5\u6b63\u5e38\u8fd0\u884c\u3002<\/p>\n
\u76ee\u524d\u7684Elasticsearch\u7248\u672c\u547d\u540d\u4e3a.kibana*\uff0c\u4f46\u6211\u4eec\u7684\u5185\u90e8\u903b\u8f91\u4e2d\u5f15\u7528\u4e86kibana-int\u8fd9\u4e2a\u7d22\u5f15\u3002\u56e0\u6b64\uff0c\u6211\u4eec\u5fc5\u987b\u4fee\u6539\u7a0b\u5e8f\u624d\u80fd\u6b63\u5e38\u8fd0\u884c\u3002\u53e6\u5916\uff0c\u5173\u4e8eDashboard\u7684\u903b\u8f91\u4e5f\u4e0d\u517c\u5bb9Elasticsearch 7\u3002<\/p>\n
\n
- \n
elastalert-rule-from-kibana<\/ul>\n<\/li>\n<\/ul>\n
<\/p>\n
\n
- \n
use_kibana_dashboard<\/ul>\n<\/li>\n<\/ul>\n
<\/p>\n
\n
- \n
use_kibana4_dashboard<\/ul>\n<\/li>\n<\/ul>\n
<\/p>\n
\n
- \n
kibana4_start_timedelta<\/ul>\n<\/li>\n<\/ul>\n
<\/p>\n
\n
- \n
kibana4_end_timedelta<\/ul>\n<\/li>\n<\/ul>\n
<\/p>\n
download_dashboard<\/ul>\n
\u4e0b\u8f7d\u4eea\u8868\u677f\u6587\u4ef6\u5b58\u5728\u95ee\u9898\u3002
\n\u4eea\u8868\u677f\u6587\u4ef6\u7684\u4e0b\u8f7d\u94fe\u63a5\u5982\u4e0b\uff1a
\nhttps:\/\/elastalert.readthedocs.io\/en\/latest\/recipes\/writing_filters.html#loading-filters-directly-from-kibana-3
\nhttps:\/\/github.com\/Yelp\/elastalert\/issues\/1481<\/p>\n\u5f53\u524d\u7684\u5199\u4f5c<\/p>\n
filter:\r\n download_dashboard: \"My Dashboard Name\"\r\n<\/code><\/pre>\n\u51c6\u786e\u7684\u8bb0\u5f55<\/p>\n
filter:\r\n - term:\r\n download_dashboard: \"My Dashboard Name\"\r\n<\/code><\/pre>\nElastAlert\u7684\u8b66\u62a5\u901a\u77e5\u63a5\u6536\u8005<\/h4>\n
<\/p>\n
\n\u30a2\u30e9\u30fc\u30c8\u901a\u77e5\u5148\u5099\u8003Command\u30a2\u30e9\u30fc\u30c8\u901a\u77e5\u78ba\u8a8d\u6e08Email\u30a2\u30e9\u30fc\u30c8\u901a\u77e5\u78ba\u8a8d\u6e08
\ngmail\u307e\u305f\u306foffice365\u3067\u3046\u307e\u304f\u3044\u304b\u306a\u3044\u3068\u3044\u3046issue\u3092\u898b\u304b\u3051\u308b\u554f\u984c\u3042\u308a\u305d\u3046\u3002gmail\u307e\u305f\u306foffice365\u306ffrom_addr\u306b\u6307\u5b9a\u3057\u306a\u3051\u308c\u3070\u5927\u4e08\u592bJira\u4ee5\u4e0b\u306e\u3082\u306e\u304c\u30c9\u30ad\u30e5\u30e1\u30f3\u30c8\u306b\u8a18\u8f09\u3057\u5fd8\u308c\u3066\u3044\u308b
\n\u30fbjira_assignee
\n\u30ab\u30b9\u30bf\u30e0\u30d5\u30a3\u30fc\u30eb\u30c9\u3067\u6b63\u5e38\u306b\u52d5\u304b\u306a\u3044\u60c5\u5831\u3042\u308a
\nJira customfield not taking argument #3073<\/a>
\nTrying to assign Epic Link to Jira ticket #3108<\/a>OpsGenie\u4ee5\u4e0b\u306e\u3082\u306e\u304c\u30c9\u30ad\u30e5\u30e1\u30f3\u30c8\u306b\u8a18\u8f09\u3057\u5fd8\u308c\u3066\u3044\u308b
\n\u30fbopsgenie_addr
\n\u30fbopsgenie_proxy
\n\u30fbopsgenie_detailsAWS SNS\u30c9\u30ad\u30e5\u30e1\u30f3\u30c8\u306e\u8a18\u8f09\u304c\u53e4\u3044
\n\u30fbaws_access_key\u2192aws_access_key_id
\n\u30fbaws_secret_key\u2192aws_secret_access_key
\n\u30fbprofile\u2192aws_profileHipChatHipChat\u306f2019\/02\u306b\u30b5\u30fc\u30d3\u30b9\u7d42\u4e86\u3057\u3066\u3044\u308bStrideStride\u306f2019\/02\u306b\u30b5\u30fc\u30d3\u30b9\u7d42\u4e86\u3057\u3066\u3044\u308bMicrosoft Teams\u30a2\u30e9\u30fc\u30c8\u901a\u77e5\u78ba\u8a8d\u6e08Slack\u30a2\u30e9\u30fc\u30c8\u901a\u77e5\u78ba\u8a8d\u6e08
\n\u4ee5\u4e0b\u306e\u3082\u306e\u304c\u30c9\u30ad\u30e5\u30e1\u30f3\u30c8\u306b\u8a18\u8f09\u3057\u5fd8\u308c\u3066\u3044\u308b
\n\u30fbslack_ca_certs
\n\u30fbslack_ignore_ssl_errors
\n\u30fbslack_timeoutMattermost\u30a2\u30e9\u30fc\u30c8\u901a\u77e5\u78ba\u8a8d\u6e08Telegram\u30a2\u30e9\u30fc\u30c8\u901a\u77e5\u78ba\u8a8d\u6e08
\n\u4ee5\u4e0b\u306e\u3082\u306e\u304c\u30c9\u30ad\u30e5\u30e1\u30f3\u30c8\u306b\u8a18\u8f09\u3057\u5fd8\u308c\u3066\u3044\u308b
\n\u30fbtelegram_proxy_login
\n\u30fbtelegram_proxy_passGoogleChat
\nPagerDuty
\nPagerTree\u6700\u65b0\u306e0.2.4\u3067\u6b63\u5e38\u306b\u52d5\u4f5c\u3057\u306a\u3044
\n\u4ee5\u4e0b\u306e\u3082\u306e\u304c\u30c9\u30ad\u30e5\u30e1\u30f3\u30c8\u306b\u8a18\u8f09\u3057\u5fd8\u308c\u3066\u3044\u308b
\n\u30fbpagertree_proxyExotelExotel\u306f\u65e5\u672c\u3067\u30b5\u30dd\u30fc\u30c8\u5916\u306e\u305f\u3081\u672a\u78ba\u8a8dTwilio\u30a2\u30e9\u30fc\u30c8\u901a\u77e5\u78ba\u8a8d\u6e08VictorOps\u30a2\u30e9\u30fc\u30c8\u901a\u77e5\u78ba\u8a8d\u6e08Gitter\u30a2\u30e9\u30fc\u30c8\u901a\u77e5\u78ba\u8a8d\u6e08ServiceNow\u30a2\u30e9\u30fc\u30c8\u901a\u77e5\u78ba\u8a8d\u6e08Debug
\nStomp\u6700\u65b0\u306e0.2.4\u3067\u6b63\u5e38\u306b\u52d5\u4f5c\u3057\u306a\u3044
\n\u4ee5\u4e0b\u306e\u3082\u306e\u304c\u30c9\u30ad\u30e5\u30e1\u30f3\u30c8\u306b\u8a18\u8f09\u3057\u5fd8\u308c\u3066\u3044\u308b
\n\u30fbstomp_sslAlerta\u30a2\u30e9\u30fc\u30c8\u901a\u77e5\u306f\u52d5\u3044\u3066\u3044\u308b\u3068\u3044\u3046\u60c5\u5831\u3042\u308a
\n\u4ee5\u4e0b\u306e\u3082\u306e\u304c\u30c9\u30ad\u30e5\u30e1\u30f3\u30c8\u306b\u8a18\u8f09\u3057\u5fd8\u308c\u3066\u3044\u308b
\n\u30fbalerta_api_skip_sslHTTP POST
\nLine Notify\u6700\u65b0\u306e0.2.4\u3067\u6b63\u5e38\u306b\u52d5\u4f5c\u3057\u306a\u3044TheHive\u30a2\u30e9\u30fc\u30c8\u901a\u77e5\u306f\u52d5\u3044\u3066\u3044\u308b\u3068\u3044\u3046\u60c5\u5831\u3042\u308a
\n\u4ee5\u4e0b\u306e\u3082\u306e\u304c\u30c9\u30ad\u30e5\u30e1\u30f3\u30c8\u306b\u8a18\u8f09\u3057\u5fd8\u308c\u3066\u3044\u308b
\n\u30fbhive_verifyZabbix\u30fb\u30c9\u30ad\u30e5\u30e1\u30f3\u30c8<\/a>\u3067\u300czbx_item\u300d\u3068\u3044\u3046\u8a18\u8f09\u3055\u308c\u3066\u3044\u308b\u306e\u306f\u300czbx_key\u300d\u3002zbx_item\u3068\u66f8\u304f\u3068\u300cMissing required option(s): zbx_key\u300d\u306e\u30a8\u30e9\u30fc\u304c\u51fa\u308b\u3002
\n\u30fb\u8a2d\u5b9a\u3092\u8ffd\u52a0\u3057\u3066\u52d5\u304b\u3059\u3068\u30a8\u30e9\u30fc\u304c\u51fa\u308b\u3002\u30d0\u30b0\u304c\u3042\u308b\u3088\u3046\u3067\u3059\u3002
\n(expected 2, got 1)Could not import module zabbix: not enough values to unpack
\nZabbix alert #2601<\/a>
\nZabbix alert module error #2621<\/a>
\nElastalet fails if alerter type zabbix is used: “ValueError: not enough values to unpack” [bug] #2586<\/a>
\n\u4ee5\u4e0b\u306e\u5bfe\u5fdc\u3067\u6b63\u5e38\u306b\u52d5\u4f5c\u3057\u307e\u3059\u3002\u52d5\u4f5c\u78ba\u8a8d\u624b\u4f1d\u3044\u307e\u3057\u305f
\nBugfix and better error handling on zabbix alerter #2640<\/a><\/div>\n<\/div>\n\u5f39\u6027\u8b66\u62a5\u670d\u52a1\u5668Docker\u955c\u50cf<\/h4>\n
\u6211\u5bf9ElastAlert Server\u7684\u672a\u6765\u7ef4\u62a4\u611f\u5230\u4e0d\u5b89\u3002bitsensor\/elastalert\u5904\u4e8e\u4e0d\u7ef4\u62a4\u7684\u72b6\u6001\u3002\u8003\u8651\u5230\u672a\u6765\u53ef\u80fd\u9700\u8981\u901a\u8fc7johnsusek\/elastalert-server\u7684fork\u8fdb\u884c\u81ea\u5df1\u7684\u7ef4\u62a4\uff0c\u6211\u8ba4\u4e3a\u503c\u5f97\u8003\u8651\u91c7\u7528\u4ee5\u4e0b\u89e3\u51b3\u65b9\u6848\uff1a
\n– \u5bf9\u65b0\u7684Node.js\u8fdb\u884c\u9002\u914d\u3002
\n– \u5bf9Elasticsearch\u8fdb\u884c\u4e3b\u8981\u7248\u672c\u5347\u7ea7\u7684\u9002\u914d\uff08\u6700\u8fd1\u7684\u7248\u672c\u4e3a8.x\uff09\u3002
\n– \u5982\u679c\u8981\u4f7f\u7528ElastAlert2\uff0c\u9664\u4e86praecoapp\/elastalert-server\u548ckarql\/elastalert2-server\u8fd9\u4e24\u4e2a\u9009\u9879\u5916\uff0c\u6ca1\u6709\u5176\u4ed6\u9009\u62e9\u3002<\/p>\n\nDocker\u30a4\u30e1\u30fc\u30b8\u540d\u30bf\u30b0ElastAlert\u5099\u8003bitsensor\/elastalert<\/a>2.0.10.1.39Elastcserach 7.x\u3067\u554f\u984c\u304c\u767a\u751fbitsensor\/elastalert<\/a>lastet0.1.39Elastcserach 7.x\u3067\u554f\u984c\u304c\u767a\u751fbitsensor\/elastalert<\/a>3.0.0-beta.00.2.0b2
\nbitsensor\/elastalert<\/a>3.0.0-beta.1\u672a\u78ba\u8a8d
\nservercentral\/elastalert<\/a>latest0.2.1bitsensor\/elastalert\u30d5\u30a9\u30fc\u30afdaichi703n\/elastalert<\/a>0.2.1-dev20.2.1+bugfixservercentral\/elastalert\u30d5\u30a9\u30fc\u30af
\njfcantu\/elastalert:v0.1.1\u306e\u30a4\u30e1\u30fc\u30b8\u4f7f\u7528\uff1f\u3002\u305d\u306e\u4ed6\u306e\u30d0\u30b0\u4fee\u6b63\u306f\u4ee5\u4e0b\u306e\u30b5\u30a4\u30c8\u3092\u53c2\u7167\u3002
\nPraeco + ElastAlert2.0 + ES7.x \u69cb\u6210\u306e\u4e0d\u5177\u5408\u5bfe\u5fdc\u65b9\u6cd5<\/a>
\ndaichi703n\/elastalert-server (GitHub)<\/a>karql\/elastalert2-server<\/a>latestElastAlert2 2.9.0bitsensor\/elastalert\u30d5\u30a9\u30fc\u30af
\nnode.js\u304b\u3089TypeScript\u306b\u5909\u66f4\u3057\u3066\u3044\u308bpraecoapp\/elastalert-server<\/a>latestElastAlert2 2.9.0servercentral\/elastalert\u30d5\u30a9\u30fc\u30af
\nPraeco\u7528ElastAlert Server\u306e\u6700\u65b0\u7248
\nElasticsearch 8\u5bfe\u5fdc<\/div>\n<\/div>\n\u7531\u4e8e\u7d22\u5f15\u6253\u5f00\u8fc7\u591a\uff0c\u5bfc\u81f4Java\u5806\u5185\u5b58\u67af\u7aed\u3002<\/h4>\n
\u6709\u65f6\u4f1a\u53d1\u751fcircuit_breaking_exception\u6545\u969c
\n\u2192 \u8c03\u6574ElasticSearch\u7684\u5806\u5927\u5c0f
\n\u2192 \u4fee\u6539ElasticSearch\u7684indices.breaker.total.limit
\n\u2192 \u5220\u9664ElasticSearch\u7684\u7d22\u5f15\u6570\u636e\uff0c\u6216\u5173\u95ed\u4e0d\u9700\u8981\u7684\u7d22\u5f15\u6570\u636e
\n\u7531\u4e8eElasticsearch\u6253\u5f00\u8fc7\u591a\u7684\u7d22\u5f15\uff0c\u5bfc\u81f4\u5806\u5185\u5b58\u8017\u5c3d
\nelastalert\u611f\u5230\u975e\u5e38\u4e0d\u9ad8\u5174\uff08circuit_breaking_exception\uff0c\u6570\u636e\u592a\u5927\uff09#2485
\ncircuit_breaking_exception\uff0c\u6570\u636e\u592a\u5927#349
\n\u5347\u7ea7\u81f36.2.4\u540e\uff0c\u56de\u8def\u4e2d\u65ad\u6570\u636e\u592a\u5927\u5f02\u5e38#31197
\nElastalert\u90e8\u7f72\u5931\u8d25<\/p>\n\u8bf7\u53c2\u8003\u7f51\u5740\u3002<\/h4>\n
\u4f7f\u7528Elastic Stack\u76d1\u63a7Kubernetes\u7cfb\u7edf
\n\u4f7f\u7528ElastAlert\u76d1\u63a7\u548c\u901a\u77e5Elasticsearch\u7d22\u5f15
\n\u5e0c\u671b\u4f7f\u7528elastalert\u81ea\u52a8\u68c0\u6d4b\u5e76\u901a\u77e5\u5e94\u7528\u7a0b\u5e8f\u5f02\u5e38
\n\u901a\u8fc7elastalert\u548cElasticSearch\u7b80\u4fbf\u7075\u6d3b\u5730\u8bbe\u7f6e\u8b66\u62a5
\n\u4f7f\u7528ElastAlert\u521b\u5efa\u81ea\u5b9a\u4e49\u89c4\u5219
\n\u5e0c\u671b\u5728\u53d1\u73b0\u9519\u8bef\u65e5\u5fd7\u65f6\u901a\u8fc7ElasticSearch\u548cElastalert\u8fdb\u884c\u901a\u77e5
\n\u901a\u8fc7\u6269\u5c55ElastAlert\u7684\u76d1\u63a7\u89c4\u5219\u6765\u83b7\u5f97\u4e00\u70b9\u70b9\u5e78\u798f
\n\u4f7f\u7528Elasticsearch\u8fdb\u884c\u670d\u52a1\u76d1\u63a7\uff0c\u7a0d\u7a0d\u611f\u5230\u5e78\u798f
\n\u901a\u8fc7ElastAlert\u76d1\u63a7AWS ElasticSearch Service\u7684\u65e5\u5fd7
\n\u5e0c\u671b\u901a\u8fc7twitter -> fluentd -> elasticsearch -> elastalert -> slack\u5b9e\u73b0\u81ea\u6211\u76d1\u89c6\u7684\u4eba\u751f\u3002
\n\u4f7f\u7528elastalert\u5411slack\u53d1\u9001\u8b66\u62a5
\n\u901a\u8fc7EFK Stack\u5bf9Kubernetes\u4e8b\u4ef6\u8fdb\u884c\u8b66\u62a5
\n\u4f7f\u7528ElastAlert\u8fdb\u884c\u5927\u89c4\u6a21\u7684Elasticsearch\u8b66\u62a5\uff0c\u7b2c\u4e00\u90e8\u5206
\n\u4f7f\u7528Elastalert\u76d1\u63a7\u78c1\u76d8\u589e\u957f\u60c5\u51b5<\/p>\n\u6837\u54c1<\/h4>\n
elastalert\/example_rules
\nandromedarabbit\/elastalert-rule.yaml
\n\u4f7f\u7528elastalert\u53d1\u9001\u5230slack\u7684\u8b66\u62a5<\/p>\nCPU\u4f7f\u7528\u7387\u7684Elastalert\u89c4\u5219
\n\u6267\u884cElastalert\u89c4\u5219\u65f6\u51fa\u9519\uff1aIOError: [Errno 2]\u6ca1\u6709\u627e\u5230’config.yaml’\u6587\u4ef6\u6216\u76ee\u5f55
\nELK\uff1a\u57fa\u4e8eElasticSearch\u6570\u636e\u7684ElastAlert\u62a5\u8b66
\nmanankalra\/elastalert-tutorial
\n– elastalert_cpu_watch.yaml
\n– elastalert_filesystem_watch.yaml
\n– elastalert_memory_watch.yaml<\/p>\n\u5f39\u6027\u8b66\u62a5\u7684\u5206\u652f\u7248\u672c<\/h2>\n
\u5927\u6570\u636e\u7cbe\u54c1\/\u5f39\u6027\u8b66\u62a5<\/p>\n
\n
- \n
ElastAlert 0.2.4\u30d9\u30fc\u30b9<\/ul>\n<\/li>\n<\/ul>\n
<\/p>\n
\n
- \n
crontrigger, must_not\u306a\u3069\u3092\u8ffd\u52a0\u3057\u3066\u3044\u308b\u3002<\/ul>\n<\/li>\n<\/ul>\n
<\/p>\n
\n
- \n
Python 3.9\u4ee5\u964d\u306f\u52d5\u304d\u307e\u305b\u3093\u3002<\/ul>\n<\/li>\n<\/ul>\n
<\/p>\n
Elasticsearch 8\u306b\u5bfe\u5fdc\u3057\u3066\u3044\u307e\u305b\u3093\u3002<\/ul>\n
\u81ea\u52a81-OSS\/\u5f39\u6027\u9884\u8b66<\/p>\n
\n
- \n
ElastAlert 0.2.1\u30d9\u30fc\u30b9<\/ul>\n<\/li>\n<\/ul>\n
<\/p>\n
\n
- \n
auto resolve alert\u3001generate_kibana6_link\u306a\u3069\u3092\u8ffd\u52a0\u3057\u3066\u3044\u308b\u3002<\/ul>\n<\/li>\n<\/ul>\n
<\/p>\n
\n
- \n
Python 3.9\u4ee5\u964d\u306f\u52d5\u304d\u307e\u305b\u3093\u3002<\/ul>\n<\/li>\n<\/ul>\n
<\/p>\n
Elasticsearch 8\u306b\u5bfe\u5fdc\u3057\u3066\u3044\u307e\u305b\u3093\u3002<\/ul>\n
sherifabdlnaby\/elastalert\u7684\u7248\u672c\u662fv0.4.0\u3002<\/p>\n
\n
- \n
ElastAlert 0.2.1\u30d9\u30fc\u30b9<\/ul>\n<\/li>\n<\/ul>\n
<\/p>\n
\n
- \n
Jinja2 Options\u306a\u3069\u3092\u8ffd\u52a0\u3057\u3066\u3044\u308b\u3002<\/ul>\n<\/li>\n<\/ul>\n
<\/p>\n
\n
- \n
Python 3.9\u4ee5\u964d\u306f\u52d5\u304d\u307e\u305b\u3093\u3002<\/ul>\n<\/li>\n<\/ul>\n
<\/p>\n
Elasticsearch 8\u306b\u5bfe\u5fdc\u3057\u3066\u3044\u307e\u305b\u3093\u3002<\/ul>\n
JasperJuergensen\u7684elastalert<\/p>\n
\n
- \n
ElastAlert 0.2.4\u30d9\u30fc\u30b9<\/ul>\n<\/li>\n<\/ul>\n
<\/p>\n
\n
- \n
Python 3.9\u4ee5\u964d\u306f\u52d5\u304d\u307e\u305b\u3093\u3002<\/ul>\n<\/li>\n<\/ul>\n
<\/p>\n
Elasticsearch 8\u306b\u5bfe\u5fdc\u3057\u3066\u3044\u307e\u305b\u3093\u3002<\/ul>\n
v0.3.0\uff082020\/6\/20\uff09
\n\u8bf7\u8bbf\u95ee\u4ee5\u4e0b\u94fe\u63a5\u4e86\u89e3\u66f4\u591a\u4fe1\u606f\uff1a
\nhttps:\/\/github.com\/JasperJuergensen\/elastalert\/blob\/master\/changelog.md<\/p>\n\u91cd\u7ec4
\n\u5c06\u89c4\u5219\u7c7b\u578b\u653e\u5728\u5b83\u4eec\u81ea\u5df1\u7684\u6a21\u5757\u4e2d\uff0c\u800c\u4e0d\u662f\u4e00\u4e2a\u6587\u4ef6\u4e2d
\n\u5c06\u8b66\u62a5\u5668\u653e\u5728\u5b83\u4eec\u81ea\u5df1\u7684\u6a21\u5757\u4e2d\uff0c\u800c\u4e0d\u662f\u4e00\u4e2a\u6587\u4ef6\u4e2d
\n\u5c06\u589e\u5f3a\u529f\u80fd\u653e\u5728\u5b83\u4eec\u81ea\u5df1\u7684\u6a21\u5757\u4e2d\uff0c\u800c\u4e0d\u662f\u4e00\u4e2a\u6587\u4ef6\u4e2d
\n\u5c06\u52a0\u8f7d\u5668\u653e\u5728\u5b83\u4eec\u81ea\u5df1\u7684\u6a21\u5757\u4e2d\uff0c\u800c\u4e0d\u662f\u4e00\u4e2a\u6587\u4ef6\u4e2d
\n\u4f7f\u7528\u65b0\u7684\u5168\u5c40\u914d\u7f6e\u5bf9\u8c61\uff0c\u800c\u4e0d\u662f\u4e00\u4e2a\u5b57\u5178
\n\u6dfb\u52a0
\nMAAS\u89c4\u5219
\n\u7528\u4e8e\u7a81\u53d1\u548c\u7a81\u53d1\u5ea6\u91cf\u805a\u5408\u89c4\u5219\u7684\u65b0\u6307\u6807
\n\u76f8\u5173\u6027\u89c4\u5219
\n\u67e5\u8be2
\n\u89c4\u5219\u7c7b\uff0c\u8986\u76d6\u4e86\u4e4b\u524d\u7531elastalerter\u5bf9\u8c61\u63d0\u4f9b\u7684\u4e00\u4e9b\u529f\u80fd
\n\u7528\u4e8e\u6267\u884c\u89c4\u5219\u8fc7\u7a0b\u4e2d\u7684\u5f02\u5e38\u7684EARuntimeException
\n\u7528\u4e8e\u914d\u7f6e\u89c4\u5219\u9636\u6bb5\u5f15\u53d1\u7684\u5f02\u5e38\u7684EAConfigExceptions
\n\u4fee\u590d
\n\u4fee\u590d\u4e86\u7a81\u53d1\u5ea6\u91cf\u805a\u5408\u89c4\u5219\u7684\u7a97\u53e3\u95ee\u9898<\/p><\/blockquote>\njsonar\/elastalert\u7684\u4e2d\u6587\u91ca\u4e49\u4e3a\uff1aJsonar\/elastalert<\/p>\n
\n
- \n
ElastAlert 0.1.35\u30d9\u30fc\u30b9<\/ul>\n<\/li>\n<\/ul>\n
<\/p>\n
\n
- \n
Python 3.8\u3001elasticsearch-py\u30d0\u30fc\u30b8\u30e7\u30f3\u30a2\u30c3\u30d7\u306a\u3069<\/ul>\n<\/li>\n<\/ul>\n
<\/p>\n
\n
- \n
Python 3.9\u4ee5\u964d\u306f\u52d5\u304d\u307e\u305b\u3093\u3002<\/ul>\n<\/li>\n<\/ul>\n
<\/p>\n
Elasticsearch 8\u306b\u5bfe\u5fdc\u3057\u3066\u3044\u307e\u305b\u3093\u3002<\/ul>\n
\u5f39\u6027\u8b66\u62a52<\/h2>\n
\u7ef4\u62a4\u8005\uff1aJason Ertel
\n\u8fd9\u4e2a\u7248\u672c\u7684Elastalert2\u6709\u4e00\u4e9bYelp\/elastalert\u4e2d\u6ca1\u6709\u7684\u529f\u80fd\u3002
\n\u8bb8\u53ef\u8bc1\u4e3aApache License 2.0\u3002
\n2.9.0\u7248\u672c\u4e8e2022\u5e7412\u670812\u65e5\u53d1\u5e03\u3002
\n\u8be6\u60c5\u8bf7\u53c2\u8003https:\/\/pypi.org\/project\/elastalert2\/\u3002<\/p>\n\u30fb\u91cd\u6784\u4ee3\u7801\uff0c\u6dfb\u52a0\u6d4b\u8bd5\u4ee3\u7801\u3002
\n\u30fb\u652f\u6301Python 3.10\u3002
\n\u30fb\u9002\u914dElasticsearch 7\u30018\u548cOpensearch\u3002
\n\u30fb\u65b0\u589eDatadog\u3001Discord\u3001Chartwork\u3001Dingtalk\u3001Rocket.Chat\u3001Amazon SES\u3001Tencent SMS\u3001Alertmanager\u3001HTTP POST 2\u7b49\u4f5c\u4e3a\u62a5\u8b66\u901a\u77e5\u7684\u76ee\u6807\u3002
\n\u30fb\u4fee\u590d\u4e86\u8bb8\u591abug\uff08Line Notify\u3001Stomp\u3001Zabbix\u3001Pagertree\u6b63\u5e38\u8fd0\u884c\uff0c\u4fee\u590d\u4e86AWS SNS\u7684bug\u7b49\uff09\u3002
\n\u30fb\u8fd8\u63d0\u4f9b\u4e86Docker\u955c\u50cf\u548cHelm\u56fe\u8868\u3002<\/p>\n<\/p>\n
\u5f39\u6027\u8b66\u62a5 Kibana \u63d2\u4ef6<\/h2>\n
\u5f00\u53d1\u8005\uff1aBitSensor
\n\u8bb8\u53ef\u8bc1\u4e3a3\u6761\u6b3e\u7684BSD\u8bb8\u53ef\u8bc1\uff08\u6539\u7248\uff09
\n\u7248\u672c\u53f71.1.0\uff082019\/07\/22\uff09<\/p>\n\u30fbElastAlert\u89c4\u5219\u6587\u4ef6\u7f16\u8f91\u5668
\n\u30fb\u53ef\u4ee5\u5c06ElastAlert\u5d4c\u5165\u5230Kibana\u9009\u9879\u5361\u4e2d\u3002
\n\u30fb\u53ea\u80fd\u7ba1\u7406\u8b66\u62a5\u89c4\u5219\u76ee\u5f55\u4e0b\u7684\u6587\u4ef6\u3002
\n\u30fb\u5f53\u5b58\u5728\u76f8\u540c\u540d\u79f0\u7684\u89c4\u5219\u6587\u4ef6\u65f6\uff0c\u65b0\u5efa\u76f8\u540c\u540d\u79f0\u7684\u89c4\u5219\u6587\u4ef6\u4f1a\u8fdb\u884c\u8986\u76d6\u3002
\n\u30fb\u8fd8\u4e0d\u80fd\u53c2\u8003\u89c4\u5219\u6a21\u677f\u6587\u4ef6\u5939\u6765\u521b\u5efa\u89c4\u5219\u6587\u4ef6\u3002
\n\u30fb\u652f\u6301Kibana 7.2.0\uff5e7.5.0\u7248\u672c\u3002
\n\u30fb\u5efa\u8bae\u4e0d\u4e0ePraeco\u4e00\u8d77\u4f7f\u7528\u3002
\n\uff1c\u539f\u56e0\uff1e
\n\u5982\u679c\u4f7f\u7528\u4e86Praeco\u4e0d\u652f\u6301\u7684\u8bbe\u7f6e\u8fdb\u884c\u7f16\u8f91\uff0c\u5f53\u5728Praeco\u4e2d\u66f4\u6539\u4e86\u8b66\u62a5\u89c4\u5219\u7684\u542f\u7528\/\u7981\u7528\u65f6\uff0c\u7f16\u5199\u7684\u8bbe\u7f6e\u4f1a\u6d88\u5931\u3002
\n\u9700\u8981\u6ce8\u610f\u7684\u662f\uff0c\u8fd9\u79cd\u884c\u4e3a\u662f\u7531\u4f7f\u7528\u8005\u9519\u8bef\u7684\u4f7f\u7528\u65b9\u5f0f\u5f15\u8d77\u7684\uff0c\u5e76\u4e14\u6211\u8ba4\u4e3a\u8fd9\u662f\u4e00\u4e2a\u8bbe\u8ba1\u89c4\u8303\u3002<\/p>\n\u5bf9\u4e8eElastAlert Kibana\u63d2\u4ef6\u7684\u60f3\u6cd5<\/h4>\n
\u7531\u4e8e\u6700\u65b0\u7248\u672c\u7684Kibana\u65e0\u6cd5\u4f7f\u7528\uff08\u5b98\u65b9\u53ea\u652f\u6301\u5230Kibana 7.5.0\uff09\uff0c\u6240\u4ee5\u65e0\u6cd5\u63a8\u8350\u91c7\u7528\u3002
\n\u5982\u679c\u80fd\u591f\u8fdb\u884c\u6539\u8fdb\uff0c\u4ee5\u786e\u4fdd\u5c06\u6765\u4e0d\u4f1a\u51fa\u73b0\u65e0\u6cd5\u8fd0\u884c\u7684\u60c5\u51b5\uff0c\u6211\u8ba4\u4e3a\u53ef\u4ee5\u8003\u8651\u91c7\u7528\u6700\u65b0\u7248\u672c\u7684Kibana\u3002<\/p>\nKibana\u7684\u7248\u672c\u8303\u56f4\u53ef\u4ee5\u4ece6.8.1\u52306.8.10\u30017.5.1\u52307.9.3\uff0c\u4ee5\u53ca7.10.0\u52308.5.3\u3002<\/h4>\n
Kibana\u63d2\u4ef6\u652f\u6301\u7248\u672c\u8303\u56f4\u4e3a7.10.0\uff5e8.5.3\u3002
\n\u94fe\u63a5\u5730\u5740\u4e3a\uff1ahttps:\/\/github.com\/karql\/elastalert-kibana-plugin\u3002
\nKibana\u63d2\u4ef6\u8fd8\u517c\u5bb9\u7684\u7248\u672c\u67096.8.1\uff5e6.8.10\u30017.5.1\uff5e7.9.3\u3002
\n\u94fe\u63a5\u5730\u5740\u4e3a\uff1ahttps:\/\/github.com\/nsano-rururu\/elastalert-kibana-plugin\/releases\u3002<\/p>\nKibana 6.8.x \u5728\u4e2d\u6587\u73af\u5883\u4e0b\u4e5f\u53ef\u8fd0\u884c\u5417\uff1f<\/h3>\n
\u65e0\u6cd5\u5b89\u88c5elastalert-kibana-plugin-1.0.3-6.8.0.zip\u5230Kibana 6.8.3 #123<\/p>\n
Kibana\u7684\u7248\u672c\u4ece7.5.1\u52307.8.1\u53ef\u8fd0\u884c\u3002<\/h4>\n
\u4e0b\u8f7delastalert-kibana-plugin-1.1.0-7.5.0.zip\uff0c\u5e76\u66f4\u65b0kibana\/elastalert-kibana-plugin\/package.json\u4e2d\u7684Kibana\u7248\u672c\uff0c\u7136\u540e\u5c06\u5176\u538b\u7f29\u4e3azip\u6587\u4ef6\u3002\u8fd9\u6837\u53ef\u4ee5\u5728Kibana 7.5.1\u548c7.5.2\u4e0a\u8fd0\u884c\u3002\u5bf9\u4e8eKibana 7.6.0\uff5e7.8.1\uff0c\u9664\u4e86\u66f4\u65b0package.json\u4e2d\u7684Kibana\u7248\u672c\u5916\uff0c\u8fd8\u9700\u8981\u66ff\u6362elastalert.js\u6587\u4ef6\u3002<\/p>\n
\u5f39\u6027\u8b66\u62a5-Kibana\u63d2\u4ef6[7.5.0]\u4e0eKibana[7.5.1]\u4e0d\u517c\u5bb9\uff03139
\n\u63d2\u4ef6\u4e0eKibana 7.6.0\u4e0d\u517c\u5bb9\uff03141
\n[\u9057\u7559]\u5f53\u542f\u7528\u6709\u6548\u8d1f\u8f7d\u9a8c\u8bc1\u65f6\uff0c\u8def\u7531\u8d1f\u8f7d\u5fc5\u987b\u8bbe\u7f6e\u4e3a’parse’\uff0357777
\n\u66f4\u65b0Elasticsearch\u52307.6.2\uff1b\u53e6\u5916\uff0c\u4fee\u590d\u95ee\u9898idaholab\uff03119<\/p>\n\u5982\u679c\u8981\u521b\u5efa\u4e00\u4e2a\u5305\u542bElastAlert\u63d2\u4ef6\u7684Docker\u955c\u50cf\u5e76\u5728Kibana\u4e2d\u5b89\u88c5\u7684\u60c5\u51b5\u4e0b<\/h4>\n
\u6211\u5df2\u7ecf\u64b0\u5199\u4e86\u4e00\u7bc7\u5173\u4e8e\u521b\u5efaKibana 7.5.1\uff5e7.8.1 Docker\u955c\u50cf\u7684\u65b9\u6cd5\u7684\u6587\u7ae0\uff0c\u5e76\u5305\u62ec\u5b89\u88c5elastalert-kibana-plugin\u7684\u6b65\u9aa4\u3002<\/p>\n
\u5982\u679c\u8981\u5728docker-compose\u7684\u547d\u4ee4\u4e2d\u5b89\u88c5ElastAlert\u63d2\u4ef6\uff0c\u8bf7\u4f7f\u7528\u4ee5\u4e0b\u9009\u9879\u3002<\/h4>\n
# (\u53c2\u8003\u60c5\u5831)elastalert-kibana-plugin-1.1.0-7.5.1.zip\u4f5c\u6210\r\ncd \/tmp\r\ncurl -L -O https:\/\/github.com\/bitsensor\/elastalert-kibana-plugin\/releases\/download\/1.1.0\/elastalert-kibana-plugin-1.1.0-7.5.0.zip\r\nmv elastalert-kibana-plugin-1.1.0-7.5.0.zip elastalert-kibana-plugin-1.1.0-7.5.1.zip\r\nunzip elastalert-kibana-plugin-1.1.0-7.5.1.zip kibana\/elastalert-kibana-plugin\/package.json\r\nsed -i \"s\/7\\.5\\.0\/7\\.5\\.1\/g\" kibana\/elastalert-kibana-plugin\/package.json\r\nzip elastalert-kibana-plugin-1.1.0-7.5.1.zip kibana\/elastalert-kibana-plugin\/package.json\r\nrm -rf kibana\r\n\r\n# elastalert-kibana-plugin-1.1.0-7.5.2.zip\u4f5c\u6210\r\ncd \/tmp\r\ncurl -L -O https:\/\/github.com\/bitsensor\/elastalert-kibana-plugin\/releases\/download\/1.1.0\/elastalert-kibana-plugin-1.1.0-7.5.0.zip\r\nmv elastalert-kibana-plugin-1.1.0-7.5.0.zip elastalert-kibana-plugin-1.1.0-7.5.2.zip\r\nunzip elastalert-kibana-plugin-1.1.0-7.5.2.zip kibana\/elastalert-kibana-plugin\/package.json\r\nsed -i \"s\/7\\.5\\.0\/7\\.5\\.2\/g\" kibana\/elastalert-kibana-plugin\/package.json\r\nzip elastalert-kibana-plugin-1.1.0-7.5.2.zip kibana\/elastalert-kibana-plugin\/package.json\r\nrm -rf kibana\r\n\r\n# (\u53c2\u8003\u60c5\u5831)elastalert-kibana-plugin-1.1.0-7.6.0.zip\u4f5c\u6210\r\ncd \/tmp\r\ncurl -L -O https:\/\/github.com\/bitsensor\/elastalert-kibana-plugin\/releases\/download\/1.1.0\/elastalert-kibana-plugin-1.1.0-7.5.0.zip\r\n# [update elasticsearch to 7.6.2; also, fix issue idaholab#119](https:\/\/github.com\/mmguero-dev\/Malcolm\/commit\/b38ddb7f0d4c5b03e6f8ccad58a656644e113b19)\r\ncurl -L -O https:\/\/raw.githubusercontent.com\/mmguero-dev\/Malcolm\/development\/kibana\/elastalert-kibana-plugin\/server\/routes\/elastalert.js\r\nmv elastalert.js elastalert-server-routes.js\r\nmv elastalert-kibana-plugin-1.1.0-7.5.0.zip elastalert-kibana-plugin-1.1.0-7.6.0.zip\r\nunzip elastalert-kibana-plugin-1.1.0-7.6.0.zip kibana\/elastalert-kibana-plugin\/package.json\r\nsed -i \"s\/7\\.5\\.0\/7\\.6\\.0\/g\" kibana\/elastalert-kibana-plugin\/package.json\r\nmkdir -p kibana\/elastalert-kibana-plugin\/server\/routes\/\r\ncp \/tmp\/elastalert-server-routes.js kibana\/elastalert-kibana-plugin\/server\/routes\/elastalert.js\r\nzip elastalert-kibana-plugin-1.1.0-7.6.0.zip kibana\/elastalert-kibana-plugin\/package.json kibana\/elastalert-kibana-plugin\/server\/routes\/elastalert.js\r\nrm -rf kibana\r\nrm elastalert-server-routes.js\r\n\r\n# (\u53c2\u8003\u60c5\u5831)elastalert-kibana-plugin-1.1.0-7.6.1.zip\u4f5c\u6210\r\ncd \/tmp\r\ncurl -L -O https:\/\/github.com\/bitsensor\/elastalert-kibana-plugin\/releases\/download\/1.1.0\/elastalert-kibana-plugin-1.1.0-7.5.0.zip\r\n# [update elasticsearch to 7.6.2; also, fix issue idaholab#119](https:\/\/github.com\/mmguero-dev\/Malcolm\/commit\/b38ddb7f0d4c5b03e6f8ccad58a656644e113b19)\r\ncurl -L -O https:\/\/raw.githubusercontent.com\/mmguero-dev\/Malcolm\/development\/kibana\/elastalert-kibana-plugin\/server\/routes\/elastalert.js\r\nmv elastalert.js elastalert-server-routes.js\r\nmv elastalert-kibana-plugin-1.1.0-7.5.0.zip elastalert-kibana-plugin-1.1.0-7.6.1.zip\r\nunzip elastalert-kibana-plugin-1.1.0-7.6.1.zip kibana\/elastalert-kibana-plugin\/package.json\r\nsed -i \"s\/7\\.5\\.0\/7\\.6\\.1\/g\" kibana\/elastalert-kibana-plugin\/package.json\r\nmkdir -p kibana\/elastalert-kibana-plugin\/server\/routes\/\r\ncp \/tmp\/elastalert-server-routes.js kibana\/elastalert-kibana-plugin\/server\/routes\/elastalert.js\r\nzip elastalert-kibana-plugin-1.1.0-7.6.1.zip kibana\/elastalert-kibana-plugin\/package.json kibana\/elastalert-kibana-plugin\/server\/routes\/elastalert.js\r\nrm -rf kibana\r\nrm elastalert-server-routes.js\r\n\r\n# (\u53c2\u8003\u60c5\u5831)elastalert-kibana-plugin-1.1.0-7.6.2.zip\u4f5c\u6210\r\ncd \/tmp\r\ncurl -L -O https:\/\/github.com\/bitsensor\/elastalert-kibana-plugin\/releases\/download\/1.1.0\/elastalert-kibana-plugin-1.1.0-7.5.0.zip\r\n# [update elasticsearch to 7.6.2; also, fix issue idaholab#119](https:\/\/github.com\/mmguero-dev\/Malcolm\/commit\/b38ddb7f0d4c5b03e6f8ccad58a656644e113b19)\r\ncurl -L -O https:\/\/raw.githubusercontent.com\/mmguero-dev\/Malcolm\/development\/kibana\/elastalert-kibana-plugin\/server\/routes\/elastalert.js\r\nmv elastalert.js elastalert-server-routes.js\r\nmv elastalert-kibana-plugin-1.1.0-7.5.0.zip elastalert-kibana-plugin-1.1.0-7.6.2.zip\r\nunzip elastalert-kibana-plugin-1.1.0-7.6.2.zip kibana\/elastalert-kibana-plugin\/package.json\r\nsed -i \"s\/7\\.5\\.0\/7\\.6\\.2\/g\" kibana\/elastalert-kibana-plugin\/package.json\r\nmkdir -p kibana\/elastalert-kibana-plugin\/server\/routes\/\r\ncp \/tmp\/elastalert-server-routes.js kibana\/elastalert-kibana-plugin\/server\/routes\/elastalert.js\r\nzip elastalert-kibana-plugin-1.1.0-7.6.2.zip kibana\/elastalert-kibana-plugin\/package.json kibana\/elastalert-kibana-plugin\/server\/routes\/elastalert.js\r\nrm -rf kibana\r\nrm elastalert-server-routes.js\r\n\r\n# (\u53c2\u8003\u60c5\u5831)elastalert-kibana-plugin-1.1.0-7.7.0.zip\u4f5c\u6210\r\ncd \/tmp\r\ncurl -L -O https:\/\/github.com\/bitsensor\/elastalert-kibana-plugin\/releases\/download\/1.1.0\/elastalert-kibana-plugin-1.1.0-7.5.0.zip\r\n# [update elasticsearch to 7.7.0; also, fix issue idaholab#119](https:\/\/github.com\/mmguero-dev\/Malcolm\/commit\/b38ddb7f0d4c5b03e6f8ccad58a656644e113b19)\r\ncurl -L -O https:\/\/raw.githubusercontent.com\/mmguero-dev\/Malcolm\/development\/kibana\/elastalert-kibana-plugin\/server\/routes\/elastalert.js\r\nmv elastalert.js elastalert-server-routes.js\r\nmv elastalert-kibana-plugin-1.1.0-7.5.0.zip elastalert-kibana-plugin-1.1.0-7.7.0.zip\r\nunzip elastalert-kibana-plugin-1.1.0-7.7.0.zip kibana\/elastalert-kibana-plugin\/package.json\r\nsed -i \"s\/7\\.5\\.0\/7\\.7\\.0\/g\" kibana\/elastalert-kibana-plugin\/package.json\r\nmkdir -p kibana\/elastalert-kibana-plugin\/server\/routes\/\r\ncp \/tmp\/elastalert-server-routes.js kibana\/elastalert-kibana-plugin\/server\/routes\/elastalert.js\r\nzip elastalert-kibana-plugin-1.1.0-7.7.0.zip kibana\/elastalert-kibana-plugin\/package.json kibana\/elastalert-kibana-plugin\/server\/routes\/elastalert.js\r\nrm -rf kibana\r\nrm elastalert-server-routes.js\r\n\r\n# (\u53c2\u8003\u60c5\u5831)elastalert-kibana-plugin-1.1.0-7.7.1.zip\u4f5c\u6210\r\ncd \/tmp\r\ncurl -L -O https:\/\/github.com\/bitsensor\/elastalert-kibana-plugin\/releases\/download\/1.1.0\/elastalert-kibana-plugin-1.1.0-7.5.0.zip\r\n# [update elasticsearch to 7.7.1; also, fix issue idaholab#119](https:\/\/github.com\/mmguero-dev\/Malcolm\/commit\/b38ddb7f0d4c5b03e6f8ccad58a656644e113b19)\r\ncurl -L -O https:\/\/raw.githubusercontent.com\/mmguero-dev\/Malcolm\/development\/kibana\/elastalert-kibana-plugin\/server\/routes\/elastalert.js\r\nmv elastalert.js elastalert-server-routes.js\r\nmv elastalert-kibana-plugin-1.1.0-7.5.0.zip elastalert-kibana-plugin-1.1.0-7.7.1.zip\r\nunzip elastalert-kibana-plugin-1.1.0-7.7.1.zip kibana\/elastalert-kibana-plugin\/package.json\r\nsed -i \"s\/7\\.5\\.0\/7\\.7\\.1\/g\" kibana\/elastalert-kibana-plugin\/package.json\r\nmkdir -p kibana\/elastalert-kibana-plugin\/server\/routes\/\r\ncp \/tmp\/elastalert-server-routes.js kibana\/elastalert-kibana-plugin\/server\/routes\/elastalert.js\r\nzip elastalert-kibana-plugin-1.1.0-7.7.1.zip kibana\/elastalert-kibana-plugin\/package.json kibana\/elastalert-kibana-plugin\/server\/routes\/elastalert.js\r\nrm -rf kibana\r\nrm elastalert-server-routes.js\r\n\r\n# (\u53c2\u8003\u60c5\u5831)elastalert-kibana-plugin-1.1.0-7.8.0.zip\u4f5c\u6210\r\ncd \/tmp\r\ncurl -L -O https:\/\/github.com\/bitsensor\/elastalert-kibana-plugin\/releases\/download\/1.1.0\/elastalert-kibana-plugin-1.1.0-7.5.0.zip\r\n# [update elasticsearch to 7.8.0; also, fix issue idaholab#119](https:\/\/github.com\/mmguero-dev\/Malcolm\/commit\/b38ddb7f0d4c5b03e6f8ccad58a656644e113b19)\r\ncurl -L -O https:\/\/raw.githubusercontent.com\/mmguero-dev\/Malcolm\/development\/kibana\/elastalert-kibana-plugin\/server\/routes\/elastalert.js\r\nmv elastalert.js elastalert-server-routes.js\r\nmv elastalert-kibana-plugin-1.1.0-7.5.0.zip elastalert-kibana-plugin-1.1.0-7.8.0.zip\r\nunzip elastalert-kibana-plugin-1.1.0-7.8.0.zip kibana\/elastalert-kibana-plugin\/package.json\r\nsed -i \"s\/7\\.5\\.0\/7\\.8\\.0\/g\" kibana\/elastalert-kibana-plugin\/package.json\r\nmkdir -p kibana\/elastalert-kibana-plugin\/server\/routes\/\r\ncp \/tmp\/elastalert-server-routes.js kibana\/elastalert-kibana-plugin\/server\/routes\/elastalert.js\r\nzip elastalert-kibana-plugin-1.1.0-7.8.0.zip kibana\/elastalert-kibana-plugin\/package.json kibana\/elastalert-kibana-plugin\/server\/routes\/elastalert.js\r\nrm -rf kibana\r\nrm elastalert-server-routes.js\r\n<\/code><\/pre>\n\u76ee\u5f55\u7ed3\u6784<\/h4>\n
\u5c06\u4ee5\u4e0b\u5185\u5bb9\u8fdb\u884c\u4e2d\u56fd\u672c\u5730\u5316\u5e76\u6539\u5199\u4e3a\u4e2d\u6587\uff0c\u53ea\u9700\u8981\u4e00\u4e2a\u9009\u9879\uff1a
\n“.\/elastalert\/rules”\u3001”.\/elastalert\/rule_templates”\u3001”.\/es\/data” \u53ef\u4ee5\u4f7f\u7528 chmod \u547d\u4ee4\u8bbe\u7f6e\u4e3a 777 \u6743\u9650\u3002<\/p>\nElastAlert\u7684\u6587\u4ef6\u4f7f\u7528\u4ee5\u4e0b\u7f51\u7ad9\u4e0a\u7684\u6587\u4ef6\u3002\u4fee\u6539\u90e8\u5206\u503c\u3002
\nhttps:\/\/github.com\/bitsensor\/elastalert<\/p>\n\/home\/\u30e6\u30fc\u30b6\u30fc\u540d\/dkwork\/es\/\r\n|--docker-compose.yml\r\n|--Dockerfiles\r\n| |--Dockerfile.elastalert\r\n|\r\n|--es\r\n| |--config\r\n| | |--elasticsearch.yml\r\n| |--data\r\n|\r\n|--kibana\r\n| |--config\r\n| | |--kibana.yml\r\n| |--plugin\r\n| | |--elastalert-kibana-plugin-1.1.0-7.7.0.zip\r\n|\r\n|--elastalert\r\n| |--bin\r\n| | |--elastalert-start.sh\r\n| | |--elastic_search_status.sh\r\n| |--config\r\n| | |--config.json\r\n| | |--elastalert-test.yaml\r\n| | |--elastalert.yaml\r\n| |--rule_templates\r\n| |--rules\r\n<\/code><\/pre>\nversion<\/span>:<\/span> \"<\/span>3.7\"<\/span>\r\nservices<\/span>:<\/span>\r\n elasticsearch<\/span>:<\/span>\r\n container_name<\/span>:<\/span> elasticsearch<\/span>\r\n image<\/span>:<\/span> docker.elastic.co\/elasticsearch\/elasticsearch:7.7.0<\/span>\r\n ports<\/span>:<\/span>\r\n -<\/span> 9200:9200<\/span>\r\n -<\/span> 9300:9300<\/span>\r\n environment<\/span>:<\/span>\r\n -<\/span> ES_JAVA_OPTS=-Xms256m -Xmx512m<\/span>\r\n -<\/span> discovery.type=single-node<\/span>\r\n restart<\/span>:<\/span> always<\/span>\r\n volumes<\/span>:<\/span>\r\n -<\/span> .\/es\/data:\/usr\/share\/elasticsearch\/data<\/span>\r\n -<\/span> .\/es\/config\/elasticsearch.yml:\/usr\/share\/elasticsearch\/config\/elasticsearch.yml<\/span>\r\n healthcheck<\/span>:<\/span>\r\n test<\/span>:<\/span> [<\/span>\"<\/span>CMD-SHELL\"<\/span>,<\/span> \"<\/span>curl<\/span> -f<\/span> http:\/\/localhost:9200<\/span> ||<\/span> exit<\/span> 1\"<\/span>]<\/span>\r\n interval<\/span>:<\/span> 30s<\/span>\r\n timeout<\/span>:<\/span> 15s<\/span>\r\n retries<\/span>:<\/span> 3<\/span>\r\n start_period<\/span>:<\/span> 180s<\/span>\r\n\r\n kibana<\/span>:<\/span>\r\n container_name<\/span>:<\/span> kibana<\/span>\r\n image<\/span>:<\/span> docker.elastic.co\/kibana\/kibana:7.7.0<\/span>\r\n command<\/span>:<\/span> sh -c '.\/bin\/kibana-plugin list | grep elastalert-kibana-plugin@1.1.0; result=`echo $$?`; if [ $$result = 1 ]; then .\/bin\/kibana-plugin install file:\/\/\/usr\/share\/kibana\/work\/elastalert-kibana-plugin-1.1.0-7.7.0.zip && exec \/usr\/local\/bin\/kibana-docker; else exec \/usr\/local\/bin\/kibana-docker; fi'<\/span>\r\n ports<\/span>:<\/span>\r\n -<\/span> 5601:5601<\/span>\r\n depends_on<\/span>:<\/span>\r\n -<\/span> elasticsearch<\/span>\r\n restart<\/span>:<\/span> always<\/span>\r\n volumes<\/span>:<\/span>\r\n -<\/span> .\/kibana\/config\/kibana.yml:\/usr\/share\/kibana\/config\/kibana.yml<\/span>\r\n -<\/span> .\/kibana\/plugin:\/usr\/share\/kibana\/work<\/span>\r\n healthcheck<\/span>:<\/span>\r\n test<\/span>:<\/span> [<\/span>\"<\/span>CMD-SHELL\"<\/span>,<\/span> \"<\/span>curl<\/span> -f<\/span> http:\/\/localhost:5601\/api\/status<\/span> ||<\/span> exit<\/span> 1\"<\/span>]<\/span>\r\n interval<\/span>:<\/span> 30s<\/span>\r\n timeout<\/span>:<\/span> 15s<\/span>\r\n retries<\/span>:<\/span> 3<\/span>\r\n start_period<\/span>:<\/span> 200s<\/span>\r\n \r\n elastalert<\/span>:<\/span>\r\n container_name<\/span>:<\/span> elastalert<\/span>\r\n build<\/span>:<\/span>\r\n context<\/span>:<\/span> .<\/span>\r\n dockerfile<\/span>:<\/span> Dockerfiles\/Dockerfile.elastalert<\/span>\r\n image<\/span>