参考文档:《elast alert》

假设报错的内容为:

ceph-rest-api service down

At least 1 events occurred between 2017-10-18 16:46 CST and 2017-10-18 17:46 CST

@timestamp: 2017-10-18T09:46:44.897Z

_id: AV8u4NMJlV0N0Gfm3nbE

_index: metricbeat-7.0.0-alpha1-2017.10.18

_type: doc

beat: {

    "hostname": "centos7gui",

    "name": "centos7gui",

    "version": "7.0.0-alpha1"

}

ceph: {

    "cluster_disk": {}

}

error: {

    "message": "error making http request: Get http://192.168.56.133:5000/api/v0.1/df: dial tcp 192.168.56.133:5000: getsockopt: no route to host"

}

metricset: {

    "host": "192.168.56.133:5000",

    "module": "ceph",

    "name": "cluster_disk",

    "rtt": 2022944

}

num_hits: 382

num_matches: 30

[config]

config.yaml

rules_folder: example_rules

run_every:

  minutes: 1

buffer_time:

  minutes: 15

es_host: 192.168.56.162

es_port: 9200

writeback_index: elastalert_status

alert_time_limit:

  days: 2

[email alert]

smtp_auth_file.yaml

user: "leiba726@163.com"

password: "xxxxxx"

my_rule.yaml

# Alert when the rate of events exceeds a threshold

# (Optional)

# Elasticsearch host

# es_host: elasticsearch.example.com

# (Optional)

# Elasticsearch port

# es_port: 14900

# (OptionaL) Connect with SSL to Elasticsearch

#use_ssl: True

# (Optional) basic-auth username and password for Elasticsearch

#es_username: someusername

#es_password: somepassword

# (Required)

# Rule name, must be unique

name: ceph-rest-api service down

# (Required)

# Type of alert.

# the frequency rule type alerts when num_events events occur with timeframe time

type: frequency

# (Required)

# Index to search, wildcard supported

index: metricbeat-*

# (Required, frequency specific)

# Alert when this many documents matching the query occur within a timeframe

num_events: 1

# (Required, frequency specific)

# num_events must occur within this amount of time to trigger an alert

timeframe:

  hours: 1

# (Required)

# A list of Elasticsearch filters used for find events

# These filters are joined with AND and nested in a filtered query

# For more info: http://www.elasticsearch.org/guide/en/elasticsearch/reference/current/query-dsl.html

filter:

- query:

        query_string:

                query: 'error making http request'

# (Required)

# The alert is use when a match is found

smtp_host: smtp.163.com

smtp_port: 25

smtp_auth_file: smtp_auth_file.yaml

email_reply_to: leiba726@163.com

from_addr: leiba726@163.com

alert:

- "email"

# (required, email specific)

# a list of email addresses to send alerts to

email:

- "leiba726@163.com"

- "elaroff@163.com"

[command alert]

my_rule.yaml

# Alert when the rate of events exceeds a threshold

# (Optional)

# Elasticsearch host

# es_host: elasticsearch.example.com

# (Optional)

# Elasticsearch port

# es_port: 14900

# (OptionaL) Connect with SSL to Elasticsearch

#use_ssl: True

# (Optional) basic-auth username and password for Elasticsearch

#es_username: someusername

#es_password: somepassword

# (Required)

# Rule name, must be unique

name: ceph-rest-api service down

# (Required)

# Type of alert.

# the frequency rule type alerts when num_events events occur with timeframe time

type: frequency

# (Required)

# Index to search, wildcard supported

index: metricbeat-*

# (Required, frequency specific)

# Alert when this many documents matching the query occur within a timeframe

num_events: 1

# (Required, frequency specific)

# num_events must occur within this amount of time to trigger an alert

timeframe:

  hours: 1

# (Required)

# A list of Elasticsearch filters used for find events

# These filters are joined with AND and nested in a filtered query

# For more info: http://www.elasticsearch.org/guide/en/elasticsearch/reference/current/query-dsl.html

filter:

- query:

        query_string:

                query: 'error making http request'

# (Required)

# The alert is use when a match is found

smtp_host: smtp.163.com

smtp_port: 25

smtp_auth_file: smtp_auth_file.yaml

email_reply_to: leiba726@163.com

from_addr: leiba726@163.com

new_style_string_format: True

alert:

- "command"

# (required, email specific)

# a list of email addresses to send alerts to

command: ["/bin/bash", "/var/hello.sh", "{match[error]}"]

执行elast alert的命令为:

python -m elastalert.elastalert --verbose --rule example_rules/my_rule.yaml

elast alert的更多相关文章

  1. 使用webstorm+webpack构建简单入门级“HelloWorld”的应用&&引用jquery来实现alert

    使用webstorm+webpack构建简单入门级"HelloWorld"的应用&&构建使用jquery来实现 1.首先你自己把webstorm安装完成. 请参考这 ...

  2. 更改默认alert框体

    更改框体主要用到的是更改系统的内置控件winpop下面是winpop具体代码 (function(window, jQuery, undefined) { 2 3 var HTMLS = { 4 ov ...

  3. ios UIWebView自定义Alert风格的弹框

    之前开发过一个App,因为公司之前写好了网页版的内容和安卓版本的App,我进去后老板要求我ios直接用网页的内容,而不需要自己再搭建框架.我一听,偷笑了,这不就是一个UIWebView吗?简单! 但是 ...

  4. C# webBrowser控件禁用alert,confirm之类的弹窗解决方案

    同样的代码,我尝试了很多次都没有成功.最后终于成功了,是因为我没有在正确的事件里面调用这段代码. private void InjectAlertBlocker() { HtmlElement hea ...

  5. 【svn】SSL error: A TLS warning alert has been received的解决方法

    第一次用svn(>_<),结果在运行下面语句时,svn很不友好的报错了..... svn co http:10.11.12.13/test1/test2 . 报错信息: svn: OPTI ...

  6. 【疑难杂症系列01】TypeError: alert is not a function

    一.背景 话说今天在调试js的时候,碰到一个很奇怪的问题,现记录一下.当使用alert()函数弹出提示时,总是报错,你没看错,alert函数报错了. 二.详细说明 当时正在做一个关于告警的页面展示功能 ...

  7. React-native之Alert

    普通的alert 先看函数原型 alert: (title: string, message?: string, buttons?: AlertButton[], type?: string) =&g ...

  8. javaFx:使用弹出对话框 Alert

    javaFx8 自带的对话框非常好用,类似的使用方式如下: /** * 弹出一个通用的确定对话框 * @param p_header 对话框的信息标题 * @param p_message 对话框的信 ...

  9. JAVA_javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name

    tomcat访问https请求返回: javax.net.ssl.SSLProtocolException: handshake alert:  unrecognized_name at sun.se ...

随机推荐

  1. poj2186-Popular Cows【Tarjan】+(染色+缩点)(经典)

    <题目链接> 题目大意: 有N(N<=10000)头牛,每头牛都想成为most poluler的牛,给出M(M<=50000)个关系,如(1,2)代表1欢迎2,关系可以传递,但 ...

  2. 网络爬虫之scrapy爬取某招聘网手机APP发布信息

    1 引言 过段时间要开始找新工作了,爬取一些岗位信息来分析一下吧.目前主流的招聘网站包括前程无忧.智联.BOSS直聘.拉勾等等.有段时间时间没爬取手机APP了,这次写一个爬虫爬取前程无忧手机APP岗位 ...

  3. Gradle 同步 已经开始 Gradle sync started

    Gradle 同步 已经开始 Gradle sync started 作者:韩梦飞沙 Author:han_meng_fei_sha 邮箱:313134555@qq.com E-mail: 31313 ...

  4. POJ 3243 Clever Y 扩展BSGS

    http://poj.org/problem?id=3243 这道题的输入数据输入后需要将a和b都%p https://blog.csdn.net/zzkksunboy/article/details ...

  5. 潭州课堂25班:Ph201805201 爬虫基础 第十一课 点触验证码 (课堂笔记)

    打开 网易盾 http://dun.163.com/trial/picture-click  ——在线体验——图中点选 打码平台 ——超级鹰    http://www.chaojiying.com/ ...

  6. 在web.xml中配置struts2拦截器

    <!-- 配置Struts2的核心的过滤器 --> <filter> <filter-name>struts2</filter-name> <fi ...

  7. c/c++中int main(int argc,char *argv[])的具体含义

    int main(int argc,char * argv[ ]) argv为指针的指针 argc为整数 char **argv or: char *argv[ ] or: char argv[ ][ ...

  8. eclipse如何导入jar包 BUILD PATH

    http://blog.csdn.net/believejava/article/details/41750987

  9. webstorm显示行号,结构预览

    1,代码结构浏览menu>view>file structure popupwindwows>tool windws >structure (alt+7)代码结构当JS代码量很 ...

  10. 让.Net程序支持命令行启动

    很多时候,我们需要让程序支持命令行启动,这个时候则需要一个命令行解析器,由于.Net BCL并没有内置命令行解析库,因此需要我们自己实现一个.对于简单的参数来说,自己写一个字符串比较函数来分析args ...