elastalert cannot find index app* in openshift

Yelp / elastalert

Easy & Flexible Alerting With ElasticSearch

https://elastalert.readthedocs.org

Apache License 2.0

7.97k stars 1.74k forks source link

elastalert cannot find index app* in openshift #3271

Open BalighRezgui opened 1 year ago

BalighRezgui commented 1 year ago

Hello,

I configured an elastalert with elasticsearch on an openshift cluster when I configure an alert ruels for the infra- index to capture a word it works but when I change the index in the ruels app- it does not work. Apparently elastalert can see the infra index and is not seeing the app. any ideas ?

data: my-rules.yaml: | name: test type: frequency index: infra (or app) num_events: 1 timeframe: minutes: 10 filter:

term: message: BIP
query: query_string: query: "NETWORK"

tabular-rasa commented 1 year ago

can you show me all your index？ or have you tried this command to test？ elastalert-test-rule example_rules/xxx.yaml --config config.yaml if it reports no problem，perhaps it hits no goals.

nsano-rururu commented 1 year ago

elastalert is not maintained. Please use elastalert2. https://github.com/jertel/elastalert2/discussions