search

bitsensor / elastalert

ElastAlert that exposes REST API's for manipulating rules and alerts
https://bitsensor.io/
Other
367 stars 216 forks source link

Elastalert 3.0 crash when add rules (ELK 7.4.2) #162

Open Ulis-ru opened 4 years ago

Ulis-ru commented 4 years ago

Hi, guys!

I have are some problem to the run ElastAlert server. When I add a rule through ElastAlert Kibana Plugin, I click the server crashes with an error.

[@kibana]# npm run start

@bitsensor/elastalert@3.0.1 start /opt/elastalert sh ./scripts/start.sh [2020-02-28T14:24:38.234Z] INFO: elastalert-server/2543 on kibana.lc: Config: No config.dev.json file was found in /opt/elastalert/config/config.dev.json. [2020-02-28T14:24:38.238Z] INFO: elastalert-server/2543 on kibana.lc: Config: Proceeding to look for normal config file. [2020-02-28T14:24:38.239Z] INFO: elastalert-server/2543 on kibana.lc: Config: A config file was found in /opt/elastalert/config/config.json. Using that config. [2020-02-28T14:24:38.272Z] INFO: elastalert-server/2543 on kibana.lc: Router: Listening for GET request on /. [2020-02-28T14:24:38.272Z] INFO: elastalert-server/2543 on kibana.lc: Router: Listening for GET request on /status. [2020-02-28T14:24:38.272Z] INFO: elastalert-server/2543 on kibana.lc: Router: Listening for GET request on /status/control/:action. [2020-02-28T14:24:38.272Z] INFO: elastalert-server/2543 on kibana.lc: Router: Listening for GET request on /status/errors. [2020-02-28T14:24:38.273Z] INFO: elastalert-server/2543 on kibana.lc: Router: Listening for GET request on /rules. [2020-02-28T14:24:38.277Z] INFO: elastalert-server/2543 on kibana.lc: Router: Listening for GET request on /rules/:id. [2020-02-28T14:24:38.277Z] INFO: elastalert-server/2543 on kibana.lc: Router: Listening for POST request on /rules/:id. [2020-02-28T14:24:38.278Z] INFO: elastalert-server/2543 on kibana.lc: Router: Listening for DELETE request on /rules/:id. [2020-02-28T14:24:38.278Z] INFO: elastalert-server/2543 on kibana.lc: Router: Listening for GET request on /templates. [2020-02-28T14:24:38.278Z] INFO: elastalert-server/2543 on kibana.lc: Router: Listening for GET request on /templates/:id. [2020-02-28T14:24:38.279Z] INFO: elastalert-server/2543 on kibana.lc: Router: Listening for POST request on /templates/:id. [2020-02-28T14:24:38.279Z] INFO: elastalert-server/2543 on kibana.lc: Router: Listening for DELETE request on /templates/:id. [2020-02-28T14:24:38.279Z] INFO: elastalert-server/2543 on kibana.lc: Router: Listening for POST request on /test. [2020-02-28T14:24:38.279Z] INFO: elastalert-server/2543 on kibana.lc: Router: Listening for GET request on /config. [2020-02-28T14:24:38.280Z] INFO: elastalert-server/2543 on kibana.lc: Router: Listening for POST request on /config. [2020-02-28T14:24:38.280Z] INFO: elastalert-server/2543 on kibana.lc: Router: Listening for POST request on /download. [2020-02-28T14:24:38.280Z] INFO: elastalert-server/2543 on kibana.lc: Router: Listening for GET request on /metadata/:type. [2020-02-28T14:24:38.281Z] INFO: elastalert-server/2543 on kibana.lc: Router: Listening for GET request on /mapping/:index. [2020-02-28T14:24:38.281Z] INFO: elastalert-server/2543 on kibana.lc: Router: Listening for POST request on /search/:index. [2020-02-28T14:24:38.288Z] INFO: elastalert-server/2543 on kibana.lc: ProcessController: Starting ElastAlert [2020-02-28T14:24:38.288Z] INFO: elastalert-server/2543 on kibana.lc: ProcessController: Creating index [2020-02-28T14:24:38.295Z] ERROR: elastalert-server/2543 on kibana.lc: ProcessController: Index create exited with code null [2020-02-28T14:24:38.296Z] WARN: elastalert-server/2543 on kibana.lc: ProcessController: ElastAlert will start but might not be able to save its data! [2020-02-28T14:24:38.296Z] INFO: elastalert-server/2543 on kibana.lc: ProcessController: Starting elastalert with arguments [none] [2020-02-28T14:24:38.307Z] INFO: elastalert-server/2543 on kibana.lc: ProcessController: Started Elastalert (PID: undefined) [2020-02-28T14:24:38.312Z] INFO: elastalert-server/2543 on kibana.lc: Server: Server listening on port 3030 [2020-02-28T14:24:38.314Z] INFO: elastalert-server/2543 on kibana.lc: Server: Websocket listening on port 3333 [2020-02-28T14:24:38.315Z] INFO: elastalert-server/2543 on kibana.lc: Server: Server started [2020-02-28T14:24:38.317Z] ERROR: elastalert-server/2543 on kibana.lc: ProcessController: ElastAlert error: Error: spawn python ENOENT catched [2020-02-28T14:32:52.552Z] INFO: elastalert-server/2543 on kibana.lc: Routes: Successfully handled POST request for '/rules/:id'. [2020-02-28T14:32:52.578Z] INFO: elastalert-server/2543 on kibana.lc: Routes: Successfully handled GET request for '/rules'. rule resolved [2020-02-28T14:32:58.197Z] INFO: elastalert-server/2543 on kibana.lc: Routes: Successfully handled GET request for '/rules/:id'. events.js:174 throw er; // Unhandled 'error' event ^ Error: spawn python ENOENT at Process.ChildProcess._handle.onexit (internal/child_process.js:240:19) at onErrorNT (internal/child_process.js:415:16) at process._tickCallback (internal/process/next_tick.js:63:19) Emitted 'error' event at: at Process.ChildProcess._handle.onexit (internal/child_process.js:246:12) at onErrorNT (internal/child_process.js:415:16) at process._tickCallback (internal/process/next_tick.js:63:19) [2020-02-28T14:33:00.847Z] INFO: elastalert-server/2543 on kibana.lc: Server: Stopping server [2020-02-28T14:33:00.847Z] INFO: elastalert-server/2543 on kibana.lc: ProcessController: ElastAlert is not running [2020-02-28T14:33:00.847Z] INFO: elastalert-server/2543 on kibana.lc: Server: Server stopped. Bye! [@kibana]#

With best regards, Tnx

erindrian commented 4 years ago

is there any update for this? @Ulis-ru