参考文档:《elast alert》

假设报错的内容为:

ceph-rest-api service down

At least 1 events occurred between 2017-10-18 16:46 CST and 2017-10-18 17:46 CST

@timestamp: 2017-10-18T09:46:44.897Z

_id: AV8u4NMJlV0N0Gfm3nbE

_index: metricbeat-7.0.0-alpha1-2017.10.18

_type: doc

beat: {

    "hostname": "centos7gui",

    "name": "centos7gui",

    "version": "7.0.0-alpha1"

}

ceph: {

    "cluster_disk": {}

}

error: {

    "message": "error making http request: Get http://192.168.56.133:5000/api/v0.1/df: dial tcp 192.168.56.133:5000: getsockopt: no route to host"

}

metricset: {

    "host": "192.168.56.133:5000",

    "module": "ceph",

    "name": "cluster_disk",

    "rtt": 2022944

}

num_hits: 382

num_matches: 30

[config]

config.yaml

rules_folder: example_rules

run_every:

  minutes: 1

buffer_time:

  minutes: 15

es_host: 192.168.56.162

es_port: 9200

writeback_index: elastalert_status

alert_time_limit:

  days: 2

[email alert]

smtp_auth_file.yaml

user: "leiba726@163.com"

password: "xxxxxx"

my_rule.yaml

# Alert when the rate of events exceeds a threshold

# (Optional)

# Elasticsearch host

# es_host: elasticsearch.example.com

# (Optional)

# Elasticsearch port

# es_port: 14900

# (OptionaL) Connect with SSL to Elasticsearch

#use_ssl: True

# (Optional) basic-auth username and password for Elasticsearch

#es_username: someusername

#es_password: somepassword

# (Required)

# Rule name, must be unique

name: ceph-rest-api service down

# (Required)

# Type of alert.

# the frequency rule type alerts when num_events events occur with timeframe time

type: frequency

# (Required)

# Index to search, wildcard supported

index: metricbeat-*

# (Required, frequency specific)

# Alert when this many documents matching the query occur within a timeframe

num_events: 1

# (Required, frequency specific)

# num_events must occur within this amount of time to trigger an alert

timeframe:

  hours: 1

# (Required)

# A list of Elasticsearch filters used for find events

# These filters are joined with AND and nested in a filtered query

# For more info: http://www.elasticsearch.org/guide/en/elasticsearch/reference/current/query-dsl.html

filter:

- query:

        query_string:

                query: 'error making http request'

# (Required)

# The alert is use when a match is found

smtp_host: smtp.163.com

smtp_port: 25

smtp_auth_file: smtp_auth_file.yaml

email_reply_to: leiba726@163.com

from_addr: leiba726@163.com

alert:

- "email"

# (required, email specific)

# a list of email addresses to send alerts to

email:

- "leiba726@163.com"

- "elaroff@163.com"

[command alert]

my_rule.yaml

# Alert when the rate of events exceeds a threshold

# (Optional)

# Elasticsearch host

# es_host: elasticsearch.example.com

# (Optional)

# Elasticsearch port

# es_port: 14900

# (OptionaL) Connect with SSL to Elasticsearch

#use_ssl: True

# (Optional) basic-auth username and password for Elasticsearch

#es_username: someusername

#es_password: somepassword

# (Required)

# Rule name, must be unique

name: ceph-rest-api service down

# (Required)

# Type of alert.

# the frequency rule type alerts when num_events events occur with timeframe time

type: frequency

# (Required)

# Index to search, wildcard supported

index: metricbeat-*

# (Required, frequency specific)

# Alert when this many documents matching the query occur within a timeframe

num_events: 1

# (Required, frequency specific)

# num_events must occur within this amount of time to trigger an alert

timeframe:

  hours: 1

# (Required)

# A list of Elasticsearch filters used for find events

# These filters are joined with AND and nested in a filtered query

# For more info: http://www.elasticsearch.org/guide/en/elasticsearch/reference/current/query-dsl.html

filter:

- query:

        query_string:

                query: 'error making http request'

# (Required)

# The alert is use when a match is found

smtp_host: smtp.163.com

smtp_port: 25

smtp_auth_file: smtp_auth_file.yaml

email_reply_to: leiba726@163.com

from_addr: leiba726@163.com

new_style_string_format: True

alert:

- "command"

# (required, email specific)

# a list of email addresses to send alerts to

command: ["/bin/bash", "/var/hello.sh", "{match[error]}"]

执行elast alert的命令为:

python -m elastalert.elastalert --verbose --rule example_rules/my_rule.yaml

elast alert的更多相关文章

  1. 使用webstorm+webpack构建简单入门级“HelloWorld”的应用&&引用jquery来实现alert

    使用webstorm+webpack构建简单入门级"HelloWorld"的应用&&构建使用jquery来实现 1.首先你自己把webstorm安装完成. 请参考这 ...

  2. 更改默认alert框体

    更改框体主要用到的是更改系统的内置控件winpop下面是winpop具体代码 (function(window, jQuery, undefined) { 2 3 var HTMLS = { 4 ov ...

  3. ios UIWebView自定义Alert风格的弹框

    之前开发过一个App,因为公司之前写好了网页版的内容和安卓版本的App,我进去后老板要求我ios直接用网页的内容,而不需要自己再搭建框架.我一听,偷笑了,这不就是一个UIWebView吗?简单! 但是 ...

  4. C# webBrowser控件禁用alert,confirm之类的弹窗解决方案

    同样的代码,我尝试了很多次都没有成功.最后终于成功了,是因为我没有在正确的事件里面调用这段代码. private void InjectAlertBlocker() { HtmlElement hea ...

  5. 【svn】SSL error: A TLS warning alert has been received的解决方法

    第一次用svn(>_<),结果在运行下面语句时,svn很不友好的报错了..... svn co http:10.11.12.13/test1/test2 . 报错信息: svn: OPTI ...

  6. 【疑难杂症系列01】TypeError: alert is not a function

    一.背景 话说今天在调试js的时候,碰到一个很奇怪的问题,现记录一下.当使用alert()函数弹出提示时,总是报错,你没看错,alert函数报错了. 二.详细说明 当时正在做一个关于告警的页面展示功能 ...

  7. React-native之Alert

    普通的alert 先看函数原型 alert: (title: string, message?: string, buttons?: AlertButton[], type?: string) =&g ...

  8. javaFx:使用弹出对话框 Alert

    javaFx8 自带的对话框非常好用,类似的使用方式如下: /** * 弹出一个通用的确定对话框 * @param p_header 对话框的信息标题 * @param p_message 对话框的信 ...

  9. JAVA_javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name

    tomcat访问https请求返回: javax.net.ssl.SSLProtocolException: handshake alert:  unrecognized_name at sun.se ...

随机推荐

  1. 020 $.each的使用

    在工作中见到这个知识点,不是特别懂,就查了查资料,顺便整理一下 1.定义与用法 each() 方法规定为每个匹配元素规定运行的函数. 提示:返回 false 可用于及早停止循环. 语法 $(selec ...

  2. Volley网络通信框架

    <LinearLayout xmlns:android="http://schemas.android.com/apk/res/android" xmlns:tools=&q ...

  3. update date and keep time

    select TO_CHAR((date '2010-01-02' + (sysdate-trunc(sysdate))),'YYYY-MM-DD HH:mi:ss') from dual;

  4. Project_Lemon测评系统使用经验

    Project_Lemon使用经验 如果您还没有安装Project_Lemon,那么请移步https://www.cnblogs.com/CreeperLKF/p/9201859.html去查阅安装教 ...

  5. Altium Designer Summer 09 Gerber 文件设置

  6. 使用TVTK库创建一个矩形视图

    from tvtk.api import tvtk # s=tvtk.ConeSource(height=,radius=) # print(s.center) #创建一个长方体数据源,并同时设置长宽 ...

  7. STL——配接器、常用算法使用

    学习STL,必然会用到它里面的适配器和一些常用的算法.它们都是STL中的重要组成部分. 适配器 在STL里可以用一些容器适配得到适配器.例如其中的stack和queue就是由双端队列deque容器适配 ...

  8. netbeans连接数据库SQLserver2008

    数据库设置 第一步:配置SQL,打开SQL server 2008文件下的配置工具里的SQL server配置管理器 设置MSSQLSERVER协议中,开启TCP/IP,端口设置为1433 在SQL ...

  9. java知识思维图解

  10. Github和Git上fork指南

    现在有这样一种情形:有一个叫做Joe的程序猿写了一个游戏程序,而你可能要去改进它.并且Joe将他的代码放在了GitHub仓库上.下面是你要做的事情: fork并且更新GitHub仓库的图表演示 For ...