Closed userzhangqg closed 1 year ago
There's not enough of the log included for me to understand what happened to ElastAlert 2 after the connection problem. If you are stating that the entire ElastAlert 2 application ceased to function then I will need those logs.
However, the discussion title suggests that only the single rule is not longer firing. ElastAlert 2 will auto disable failed rules. This behavior can be disabled if desired.
Why some of my alert rules stopped searching after a network timeout? When the network problem occurred, the query was interrupted. Not sure if it is strongly related to network problems. When I restarted the service, the problem was resolved, but it appeared again some time later
error log:
As you can see from the ELASTALERT2 search log in the ES store, there have been two interrupts in the last 30 days, I have restarted the service twice, and the alert rule will resume
my version: 2.6.0
my config:
rule: