Yelp / elastalert

Easy & Flexible Alerting With ElasticSearch
https://elastalert.readthedocs.org
Apache License 2.0

Comparable filters in rule #477

Open shubhamitc opened 8 years ago

shubhamitc commented 8 years ago

I am new to Python and I have followed your links and tried to understand the logic. However, my requirement needs a comparison of filters, and my custom rule with the add_data method will receive the data for each filter one by one. I need the data to be received in my_rule and to configure the matcher accordingly.

To summarize the requirement,

1. Total count of some unit for 1 hour today
2. Compare that with one hour yesterday
3. Last week of same day same hour
4. Last month of same date same hour
5. Last year same date same hour

If there is a fall of 10% in 1-2, I need an alert.
If there is a fall of 20% in 1-3, I need an alert.
If there is a fall of 15% in 1-4, I need an alert.
If there is a fall of 17% in 1-5, I need an alert.

How can I achieve that, and what would be the best way to code this? Any help will be appreciated.

HenryTheSir commented 6 years ago

Did you find any possibility to achieve this behaviour?
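
The comparison described in the opening post, as an added example that is not part of the thread and not ElastAlert code: it derives the four baseline hour windows and applies the 10/20/15/17% thresholds. All function names are hypothetical, per-window counts are assumed to be supplied by the caller (for instance collected one filter at a time in add_data), and "a fall of N%" is read as a fall of N% or more.

```python
import calendar
from datetime import datetime, timedelta

# Percentage fall of the current hour that triggers an alert (values from the post).
THRESHOLDS = {"yesterday": 10.0, "last_week": 20.0,
              "last_month": 15.0, "last_year": 17.0}

def _shift_months(ts, months):
    """Same date `months` earlier; clamp the day when that month is shorter."""
    year, month0 = divmod(ts.year * 12 + (ts.month - 1) - months, 12)
    last_day = calendar.monthrange(year, month0 + 1)[1]
    return ts.replace(year=year, month=month0 + 1, day=min(ts.day, last_day))

def baseline_windows(hour_start):
    """Map baseline name -> (start, end) of the matching one-hour window."""
    starts = {
        "yesterday": hour_start - timedelta(days=1),
        "last_week": hour_start - timedelta(weeks=1),   # same weekday, same hour
        "last_month": _shift_months(hour_start, 1),     # same date, same hour
        "last_year": _shift_months(hour_start, 12),     # Feb 29 -> Feb 28
    }
    return {name: (s, s + timedelta(hours=1)) for name, s in starts.items()}

def count_in(timestamps, window):
    """Count events inside a half-open [start, end) window."""
    start, end = window
    return sum(1 for ts in timestamps if start <= ts < end)

def find_drops(current, baselines, thresholds=THRESHOLDS):
    """Return [(baseline name, fall in %)] for every threshold that is reached."""
    alerts = []
    for name, limit in thresholds.items():
        base = baselines.get(name)
        if not base:  # missing or zero baseline: no percentage can be computed
            continue
        fall = (base - current) * 100.0 / base
        if fall >= limit:
            alerts.append((name, round(fall, 2)))
    return alerts

if __name__ == "__main__":
    # Constructed sample: current hour and made-up baseline counts.
    now = datetime(2024, 3, 31, 14)
    for name, (start, end) in baseline_windows(now).items():
        print(name, start, "->", end)
    counts = {"yesterday": 100, "last_week": 100, "last_month": 90, "last_year": 96}
    print(find_drops(80, counts))
```

Skipping a zero or missing baseline avoids a division by zero, but it also means a newly created index never alerts on the yearly comparison until a year of data exists.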