Hi
Is there a log file for elastalert when we run it as Supervisor? Recently there was some issues on live but elastalert did not trigger an alert. we could not find any log file to see why no alerts where triggered.
We stopped supervisor and ran it manually in verbose mode to see that elastic search was timing out when elastalert was trying to connect.
Also is there a way to get an alert if elastaalert is not able connect to elastic search ? This would be really helpful.
Thanks
tkumark
All 3 comments
Supervisor log ?
[program:elastalert-0-5]
command=/usr/local/bin/elastalert --config /Path/elastalert/configFiles/5min/config.yaml --verbose
process_name=elastalert-0-5
autorestart=true
startsecs=15
stopsignal=INT
stopasgroup=true
killasgroup=true
stderr_logfile=/var/log/elastalert-0-5_stderr.log
stderr_logfile_maxbytes=5MB
mza97
on 4 Jul 2017
I use this rule to generate an alert for elastalert error :
type: any
filter:
- term:
_type: elastalert_error
index: elastalert_status
alert_subject: "Error on rule elastalert "
alert_text_kw:
data: data
alert_text: |
Error elastalert :
- {data}
EDIT : this cannot help to detect elasticsearch time out since it needs elasticsearch to generate the alert....
Trustys
on 5 Jul 2017
+1 on the need for a proper logfile, preferably one that can be specified as a command line option.
IngaFeick
on 13 Feb 2018
Related issues
aromualdo
路
4Comments
shortstack
路
3Comments
PMDubuc
路
3Comments
vaibhavtupe
路
4Comments
MaximilianKaltner
路
3Comments
Most helpful comment
+1 on the need for a proper logfile, preferably one that can be specified as a command line option.