Elastalert: Cannot send alerts to telegram?

Created on 13 May 2016  路  10Comments  路  Source: Yelp/elastalert

Hello,
I'm trying to send ES alerts to telegram with elastalert but i keep getting this error:
ERROR:root:Error while running alert telegram: Error posting to Telegram: 400 Client Error: Bad Request
Config:

alert:
- "email"
- "telegram"
# (required, email specific)
# a list of email addresses to send alerts to
email:
- "myemail"
#
telegram_bot_token: mytelegram_token_without_quotes
#
telegram_room_id: "@mytelegram_username" # i tried also group id and the bot room id but nothing

My configuration is working with emails, i don't know if i'm missing something on the telegram config?

picture fnzv

Most helpful comment

Documentation is a mesh

picture q2dg on 21 Feb 2020
🚀1 😄1 👍1

All 10 comments

Is the email really big? https://core.telegram.org/method/messages.sendMessage#return-errors says a 400 could mean >4096 characters. I should actually truncate and enforce that limit now that I know it exists.

If you put a debug point here, https://github.com/Yelp/elastalert/blob/master/elastalert/alerts.py#L725, you could probably see the reason for the 400.

Qmando picture Qmando on 13 May 2016

Thank you.. i tried to send messages via curl and i found that the telegram_room_id works only with the chat_id that you get with api.telegram.com//getUpdates
Now the elastalert works with telegram.

fnzv picture fnzv on 17 May 2016

Hi Mormaii, i use chat id in telegram_room_id = 'chat_id'

try to get the chat_id from https://api.telegram.org/bot/getUpdates

You can use "chat":{"id": 29299292 to send msg to groups or to personal contact.

ruifigueiredo picture ruifigueiredo on 23 Sep 2016

@ruifigueiredo It worked like that, is there any way to customize the alert message? without having to edit ruletypes.py (my python isn't good)

Mormaii picture Mormaii on 23 Sep 2016

@Mormaii Yap you can use:

alert_text: "custom alert text: {0} {1}"
alert_text_args: ["field0","field1"]

ruifigueiredo picture ruifigueiredo on 24 Sep 2016

@Mormaii why you delete and edit your questions with different contexts of the original?
https://snag.gy/qDMJbc.jpg
please check this link https://elastalert.readthedocs.io/en/latest/running_elastalert.html#creating-a-rule

ruifigueiredo picture ruifigueiredo on 24 Sep 2016

@ruifigueiredo I wanted to create a separate issue so now to hijack this one. That link you sent me has no info on alert_text whatsoever

Is there any way to do operations on the alert_text?

example:

alert_text: |
    Bot ha detectado un uso de CPU {1} en {0} # I want to multiply {1} by 100
alert_text_args:
  - hostname
  - proc.cpu.user_p
Mormaii picture Mormaii on 24 Sep 2016

@Mormaii please you need to use the fields hostname or proc.cpu.user_p or others in place of my example.

alert_text_args: ["field0","field1"] -> alert_text_args:["hostname","proc.cpu.user.p"]

ruifigueiredo picture ruifigueiredo on 25 Sep 2016

Already works like that, what I'm asking is to do math operations on the text

Mormaii picture Mormaii on 25 Sep 2016

Documentation is a mesh

q2dg picture q2dg on 21 Feb 2020
🚀1 😄1 👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

aromualdo picture aromualdo  路  4Comments
chihhanyu picture chihhanyu  路  3Comments
PMDubuc picture PMDubuc  路  3Comments
MaximilianKaltner picture MaximilianKaltner  路  3Comments
AweiWoo picture AweiWoo  路  3Comments