参考文档:《elast alert》

假设报错的内容为:

ceph-rest-api service down

At least 1 events occurred between 2017-10-18 16:46 CST and 2017-10-18 17:46 CST

@timestamp: 2017-10-18T09:46:44.897Z

_id: AV8u4NMJlV0N0Gfm3nbE

_index: metricbeat-7.0.0-alpha1-2017.10.18

_type: doc

beat: {

    "hostname": "centos7gui",

    "name": "centos7gui",

    "version": "7.0.0-alpha1"

}

ceph: {

    "cluster_disk": {}

}

error: {

    "message": "error making http request: Get http://192.168.56.133:5000/api/v0.1/df: dial tcp 192.168.56.133:5000: getsockopt: no route to host"

}

metricset: {

    "host": "192.168.56.133:5000",

    "module": "ceph",

    "name": "cluster_disk",

    "rtt": 2022944

}

num_hits: 382

num_matches: 30

[config]

config.yaml

rules_folder: example_rules

run_every:

  minutes: 1

buffer_time:

  minutes: 15

es_host: 192.168.56.162

es_port: 9200

writeback_index: elastalert_status

alert_time_limit:

  days: 2

[email alert]

smtp_auth_file.yaml

user: "leiba726@163.com"

password: "xxxxxx"

my_rule.yaml

# Alert when the rate of events exceeds a threshold

# (Optional)

# Elasticsearch host

# es_host: elasticsearch.example.com

# (Optional)

# Elasticsearch port

# es_port: 14900

# (OptionaL) Connect with SSL to Elasticsearch

#use_ssl: True

# (Optional) basic-auth username and password for Elasticsearch

#es_username: someusername

#es_password: somepassword

# (Required)

# Rule name, must be unique

name: ceph-rest-api service down

# (Required)

# Type of alert.

# the frequency rule type alerts when num_events events occur with timeframe time

type: frequency

# (Required)

# Index to search, wildcard supported

index: metricbeat-*

# (Required, frequency specific)

# Alert when this many documents matching the query occur within a timeframe

num_events: 1

# (Required, frequency specific)

# num_events must occur within this amount of time to trigger an alert

timeframe:

  hours: 1

# (Required)

# A list of Elasticsearch filters used for find events

# These filters are joined with AND and nested in a filtered query

# For more info: http://www.elasticsearch.org/guide/en/elasticsearch/reference/current/query-dsl.html

filter:

- query:

        query_string:

                query: 'error making http request'

# (Required)

# The alert is use when a match is found

smtp_host: smtp.163.com

smtp_port: 25

smtp_auth_file: smtp_auth_file.yaml

email_reply_to: leiba726@163.com

from_addr: leiba726@163.com

alert:

- "email"

# (required, email specific)

# a list of email addresses to send alerts to

email:

- "leiba726@163.com"

- "elaroff@163.com"

[command alert]

my_rule.yaml

# Alert when the rate of events exceeds a threshold

# (Optional)

# Elasticsearch host

# es_host: elasticsearch.example.com

# (Optional)

# Elasticsearch port

# es_port: 14900

# (OptionaL) Connect with SSL to Elasticsearch

#use_ssl: True

# (Optional) basic-auth username and password for Elasticsearch

#es_username: someusername

#es_password: somepassword

# (Required)

# Rule name, must be unique

name: ceph-rest-api service down

# (Required)

# Type of alert.

# the frequency rule type alerts when num_events events occur with timeframe time

type: frequency

# (Required)

# Index to search, wildcard supported

index: metricbeat-*

# (Required, frequency specific)

# Alert when this many documents matching the query occur within a timeframe

num_events: 1

# (Required, frequency specific)

# num_events must occur within this amount of time to trigger an alert

timeframe:

  hours: 1

# (Required)

# A list of Elasticsearch filters used for find events

# These filters are joined with AND and nested in a filtered query

# For more info: http://www.elasticsearch.org/guide/en/elasticsearch/reference/current/query-dsl.html

filter:

- query:

        query_string:

                query: 'error making http request'

# (Required)

# The alert is use when a match is found

smtp_host: smtp.163.com

smtp_port: 25

smtp_auth_file: smtp_auth_file.yaml

email_reply_to: leiba726@163.com

from_addr: leiba726@163.com

new_style_string_format: True

alert:

- "command"

# (required, email specific)

# a list of email addresses to send alerts to

command: ["/bin/bash", "/var/hello.sh", "{match[error]}"]

执行elast alert的命令为:

python -m elastalert.elastalert --verbose --rule example_rules/my_rule.yaml

elast alert的更多相关文章

  1. 使用webstorm+webpack构建简单入门级“HelloWorld”的应用&&引用jquery来实现alert

    使用webstorm+webpack构建简单入门级"HelloWorld"的应用&&构建使用jquery来实现 1.首先你自己把webstorm安装完成. 请参考这 ...

  2. 更改默认alert框体

    更改框体主要用到的是更改系统的内置控件winpop下面是winpop具体代码 (function(window, jQuery, undefined) { 2 3 var HTMLS = { 4 ov ...

  3. ios UIWebView自定义Alert风格的弹框

    之前开发过一个App,因为公司之前写好了网页版的内容和安卓版本的App,我进去后老板要求我ios直接用网页的内容,而不需要自己再搭建框架.我一听,偷笑了,这不就是一个UIWebView吗?简单! 但是 ...

  4. C# webBrowser控件禁用alert,confirm之类的弹窗解决方案

    同样的代码,我尝试了很多次都没有成功.最后终于成功了,是因为我没有在正确的事件里面调用这段代码. private void InjectAlertBlocker() { HtmlElement hea ...

  5. 【svn】SSL error: A TLS warning alert has been received的解决方法

    第一次用svn(>_<),结果在运行下面语句时,svn很不友好的报错了..... svn co http:10.11.12.13/test1/test2 . 报错信息: svn: OPTI ...

  6. 【疑难杂症系列01】TypeError: alert is not a function

    一.背景 话说今天在调试js的时候,碰到一个很奇怪的问题,现记录一下.当使用alert()函数弹出提示时,总是报错,你没看错,alert函数报错了. 二.详细说明 当时正在做一个关于告警的页面展示功能 ...

  7. React-native之Alert

    普通的alert 先看函数原型 alert: (title: string, message?: string, buttons?: AlertButton[], type?: string) =&g ...

  8. javaFx:使用弹出对话框 Alert

    javaFx8 自带的对话框非常好用,类似的使用方式如下: /** * 弹出一个通用的确定对话框 * @param p_header 对话框的信息标题 * @param p_message 对话框的信 ...

  9. JAVA_javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name

    tomcat访问https请求返回: javax.net.ssl.SSLProtocolException: handshake alert:  unrecognized_name at sun.se ...

随机推荐

  1. Map的知识点梳理(不包含collections工具类)

    一:基础公共方法(map不再是简单的加索引,可以直接命名key,通过key进行遍历) 1.常见的map子类 HashTable:底层是哈希表结构.不允许null键和null值,线程同步 HashMap ...

  2. Alpha冲刺随笔—:第一天

    课程名称:软件工程1916|W(福州大学) 作业要求:项目Alpha冲刺(十天冲刺) 团队名称:葫芦娃队 作业目标:在十天冲刺里对每天的任务进行总结. 随笔汇总:https://www.cnblogs ...

  3. Shiro笔记(四)编码/加密

    Shiro笔记(四)编码/加密 一.编码和解码 //base64编码.解码 @Test public void testBase64(){ String str="tang"; b ...

  4. c潭州课堂25班:Ph201805201 MySQL第二课 (课堂笔记)

    mysql> create table tb_2( -> id int, -> name varchar(10) not null -> ); 插入数据 insert into ...

  5. [TYVJ1473]校门外的树3

    思路: 维护两个树状数组,一个记录种树区间左端点,一个记录右端点. 每次询问查询“看不见的树区间”,即右端点小于查询区间左端点和左端点小于查询区间右端点. #include<cstdio> ...

  6. 解决iframe重复嵌套登陆页面的问题

    在login.jsp中加入即可 // 在被嵌套时就刷新上级窗口 if(window.parent != window){ window.parent.location.reload(true); }

  7. C++ 继承与派生

    继承的意义? 使程序的设计更符合发展规律,即事物的发展是一个从低级到高级的发展过程,类的继承也是反映由原始的简单代码到丰富的高级代码的过程.它能帮助我们描述事物的层次关系,有效而精确的理解事物,理解事 ...

  8. 20172302 《Java软件结构与数据结构》第九周学习总结

    2018年学习总结博客总目录:第一周 第二周 第三周 第四周 第五周 第六周 第七周 第八周 第九周 教材学习内容总结 第十五章 图 1.图:图(graph)是由一些点(vertex)和这些点之间的连 ...

  9. Saltstack 命令

    命令格式 salt '<操作目标>' <方法>[参数] 查看被控主机内存使用情况 [root@node1 ~]# salt '*' cmd.run 'free -h' node ...

  10. Tinkoff Challenge - Final Round (Codeforces Round #414, rated, Div. 1 + Div. 2) 【ABC】

    老年人题解,语言python3 A - Bank Robbery 题意:给你ABC,以及n个数,问你在(B,C)之间的数有多少个. 题解:对于每个数判断一下就好了嘛 x,y,z = map(int,i ...