Yelp / elastalert

Easy & Flexible Alerting With ElasticSearch
https://elastalert.readthedocs.org
Apache License 2.0

Alerter get match info #1995

Open sebash1992 opened 5 years ago

sebash1992 commented 5 years ago

Hello all, I am trying to create my own alert, so I started playing a bit with that. I created a dummy alert:

```python
from elastalert.alerts import Alerter, BasicMatchString

class AwesomeNewAlerter(Alerter):
    import logging
    logging.getLogger('myapp').error('Starting')

    def alert(self, matches):
        import logging
        logging.getLogger('myapp').error('Get_Info')
        # Matches is a list of match dictionaries.
        # It contains more than one match when the alert has
        # the aggregation option set
        for match in matches:
            logging.getLogger('myapp').error(match[name])

    def get_info(self):
        import logging
        logging.getLogger('myapp').error('Get_Info')
```

I am trying to get only a part of the match, in this case the name (`match[name]`), but it throws an error. Can anyone give me a hand?

Regards

abhishekjiitr commented 5 years ago

Can you post the exact error you are having?

Qmando commented 5 years ago

You never defined the variable `name`; instead of `match[name]` you would need to do `match['name']`.

However, if you want the rule name, that's actually inside of the alerter class itself: `self.rule['name']`. `self.rule` is what you've defined in the rule, plus a bunch of internal state.
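An added example, not code from this thread or from the ElastAlert project: a custom alerter that takes the rule name from `self.rule['name']` and reads a field from each match by string key, returning `None` instead of raising when a match lacks that field. `FieldLoggingAlerter`, `get_field` and the `log_field` rule option are hypothetical names, and the fallback `Alerter` class is a stand-in so the block runs without ElastAlert installed.

```python
import logging

try:
    from elastalert.alerts import Alerter
except ImportError:
    # Stand-in (assumption): like the real base class, it keeps the rule
    # dict on self.rule, which is what the reply above relies on.
    class Alerter(object):
        def __init__(self, rule):
            self.rule = rule

log = logging.getLogger('myapp')


def get_field(match, dotted_key, default=None):
    """Return match['a']['b'] for 'a.b', or default if any part is missing."""
    if dotted_key in match:  # flat key, possibly one that contains dots
        return match[dotted_key]
    node = match
    for part in dotted_key.split('.'):
        if not isinstance(node, dict) or part not in node:
            return default
        node = node[part]
    return node


class FieldLoggingAlerter(Alerter):
    field_option = 'log_field'  # hypothetical rule option naming the field

    def summarize(self, matches):
        """One line per match: rule name plus the selected match field."""
        field = self.rule.get(self.field_option, 'name')
        return ['%s: %s=%r' % (self.rule['name'], field, get_field(m, field))
                for m in matches]

    def alert(self, matches):
        # matches holds more than one entry when aggregation is set.
        for line in self.summarize(matches):
            log.error(line)

    def get_info(self):
        # Returned dict is what ElastAlert records as alert_info.
        return {'type': 'field_logging_alerter'}


# Constructed sample rule and matches, not real ElastAlert output.
SAMPLE_RULE = {'name': 'ssh-failed-logins', 'log_field': 'user.name'}
SAMPLE_MATCHES = [{'user': {'name': 'alice'}},
                  {'@timestamp': '2019-01-01T00:00:00Z'}]
```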