vrushal007g
commented
1 year ago hi anyone can suggest what could be the issue
Open vrushal007g opened 1 year ago
vrushal007g
commented
1 year ago hi anyone can suggest what could be the issue
yavoritomov
commented
11 months ago Not sure why but the path to the collection is not getting sent to engine.py. I did not have much time to play with it but got it working by specifying the path to the elastic.py script in the "eda" folder instead of using the collection. I had to modify the docker-compose.yml and elastic-rulebook.yml to get it running.
`---
name: Elastic events hosts: localhost sources: - elastic: elastic_host: elasticsearch elastic_port: 9200 elastic_username: elastic elastic_password: pass elastic_index_pattern: filebeat-* query: | term: container.name.keyword: nginx interval: 5
rules:
ansible-rulebook:
build:
dockerfile: rulebook-dockerfilecontainer_name: ansible-rulebook
restart: unless-stopped volumes:
3-08-25 19:12:48,108 - ansible_rulebook.engine - INFO - load source ansible-rulebook | 2023-08-25 19:12:48,357 - ansible_rulebook.engine - ERROR - Source error ansible-rulebook | Traceback (most recent call last): ansible-rulebook | File "/opt/app-root/lib64/python3.9/site-packages/ansible_rulebook/engine.py", line 111, in start_source ansible-rulebook | raise SourcePluginNotFoundException( ansible-rulebook | ansible_rulebook.exception.SourcePluginNotFoundException: Could not find source plugin for eda.elastic ansible-rulebook | 2023-08-25 19:12:48,357 - ansible_rulebook.engine - ERROR - Shutting down source: eda.elastic error : Could not find source plugin for eda.elastic ansible-rulebook | 2023-08-25 19:12:48,357 - ansible_rulebook.engine - INFO - Broadcast shutdown to all source plugins ansible-rulebook | 2023-08-25 19:12:48,357 - ansible_rulebook.engine - INFO - Broadcast to queues: [<Queue at 0xffffa17197c0 maxsize=1>] ansible-rulebook | 2023-08-25 19:12:48,357 - ansible_rulebook.engine - INFO - Broadcasting shutdown: Shutdown(message='Shutting down source: eda.elastic error : Could not find source plugin for eda.elastic', delay=60.0, kind='graceful', source_plugin='eda.elastic') ansible-rulebook | 2023-08-25 19:12:48,358 - ansible_rulebook.engine - INFO - Waiting for all ruleset tasks to end ansible-rulebook | 2023-08-25 19:12:48,358 - ansible_rulebook.rule_set_runner - INFO - Waiting for actions on events from Elastic events ansible-rulebook | 2023-08-25 19:12:48,358 - ansible_rulebook.rule_set_runner - INFO - Waiting for events, ruleset: Elastic events ansible-rulebook | 2023-08-25 19:12:48,358 - ansible_rulebook.rule_set_runner - INFO - Ruleset: Elastic events, received shut