docker-compose.yml
---
# Compose file that runs one ElastAlert 2 container.
version: "3.0"

services:
  esalert:
    image: jertel/elastalert2:2.13.2
    container_name: esalert
    hostname: esalert
    restart: always
    volumes:
      # Rule files; config.yaml points rules_folder at this path.
      - ./rules:/opt/elastalert/rules
      # Global config. It carries es_username/es_password in clear text,
      # so the host-side file permissions matter.
      # NOTE(review): neither bind mount is marked read-only (`:ro`);
      # confirm whether the container needs write access to them.
      - ./config/config.yaml:/opt/elastalert/config.yaml
config:
# cat config/config.yaml
---
# ElastAlert 2 global configuration.

# Rules are read from this folder, including its subdirectories.
rules_folder: /opt/elastalert/rules
scan_subdirectories: true

# Query every minute, over a 15-minute look-back window.
run_every:
  minutes: 1
buffer_time:
  minutes: 15

# Elasticsearch connection and the index ElastAlert writes its state to.
es_host: 10.0.0.0
es_port: 9200
writeback_index: elastalert2

# Basic-auth credentials stored in clear text (password redacted in this
# paste). ElastAlert 2 lets the ES_USERNAME / ES_PASSWORD environment
# variables override these fields, which keeps the secret out of the file.
es_username: elastalert2
es_password: xxxxx

# NOTE(review): TLS is on, but verify_certs is off, so the server
# certificate is not checked and the credentials above are sent to
# whatever answers on es_host:es_port. ssl_show_warn: false also hides
# the warning about it. For a cluster with a private CA, the usual setup
# is verify_certs: true plus ca_certs pointing at the CA bundle.
use_ssl: true
verify_certs: false
ssl_show_warn: false

# 2880 minutes = 2 days.
alert_time_limit:
  minutes: 2880
rules:
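# cat rules/slow.yaml
---
# Frequency rule: alert when a "slow query detected" log line shows up.
name: thanos slow query
type: frequency
index: bge

# One matching event inside the timeframe is enough to fire.
num_events: 1
# Was `minutes: 1h`. A timeframe value has to be a number; '1h' loads as
# a string ({'minutes': '1h'} in the rejected instance), which is a likely
# cause of the "not valid under any of the given schemas" error.
# One hour is assumed here; use `minutes: 1` if a minute was meant.
timeframe:
  hours: 1

# The key must read query_string; the rule echoed in the loader error
# shows it as query_sting, so check the file on disk for that typo.
filter:
  - query:
      query_string:
        query: ".*slow query detected.*"

# Events are counted separately per value of `log`.
query_key:
  - log
include:
  - cluster
  - pod

alert_subject: "thanos on cluster {} | {} pod have slow query"
alert_subject_args:
  - cluster
  - pod
alert_text: "thanos slow query is exist in cluster {} log: {} pod: {}"
# Was spelled alert_text_agrs, so the {} placeholders in alert_text had
# no arguments to fill them.
alert_text_args:
  - cluster
  - log
  - pod

alert:
  - "post"
# NOTE(review): with http_post_all_values on, every field of the matching
# document is posted to this external host, not only cluster/log/pod.
# Confirm the log lines hold nothing sensitive, or turn it off and list
# the fields to send explicitly.
# The URL itself works as a secret: the loader error prints the parsed
# rule, http_post_url included, so redact it in pasted output as well.
http_post_url: "https://webhook.site/xxxx"
http_post_all_values: true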
I got this error:
During handling of the above exception, another exception occurred: Traceback (most recent call last): File "/usr/local/bin/elastalert", line 8, in <module> sys.exit(main()) ^^^^^^ File "/usr/local/lib/python3.11/site-packages/elastalert/elastalert.py", line 1868, in main client = ElastAlerter(args) ^^^^^^^^^^^^^^^^^^ File "/usr/local/lib/python3.11/site-packages/elastalert/elastalert.py", line 127, in __init__ self.rules = self.rules_loader.load(self.conf, self.args) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/lib/python3.11/site-packages/elastalert/loaders.py", line 176, in load raise EAException('Error loading file %s: %s' % (rule_file, e)) elastalert.util.EAException: Error loading file /opt/elastalert/rules/slow.yaml: Invalid Rule file: /opt/elastalert/rules/slow.yaml {'name': 'thanos slow query', 'type': 'frequency', 'index': 'bge', 'num_events': 1, 'timeframe': {'minutes': '1h'}, 'filter': [{'query': {'query_sting': {'query': '.*slow query detected.*'}}}], 'query_key': ['log'], 'include': ['cluster', 'pod'], 'alert_subject': 'thanos on cluster {} | {} pod have slow query', 'alert_subject_args': ['cluster', 'pod'], 'alert_text': 'thanos slow query is exist in cluster {} log: {} pod: {}', 'alert_text_agrs': ['cluster', 'log', 'pod'], 'alert': ['post'], 'http_post_url': 'https://webhook.site/cb6108bd-31ae-405f-a5c9-25ec08e17bd8', 'http_post_all_values': True, 'rule_file': '/opt/elastalert/rules/slow.yaml'} is not valid under any of the given schemas Failed validating 'oneOf' in schema: {'$schema': 'http://json-schema.org/draft-07/schema#', 'definitions': {'arrayOfMattermostFields': {'items': {'additionalProperties': False, 'properties': {'args': {'items': {'type': 'string'}, 'type': ['string', 'array']}, 'short': {'type': 'boolean'}, ........ 
'zbx_sender_host': {'type': 'string'}, 'zbx_sender_port': {'type': 'integer'}}, 'required': ['type', 'index', 'alert'], 'type': 'object'} On instance: {'alert': ['post'], 'alert_subject': 'thanos on cluster {} | {} pod have slow query', 'alert_subject_args': ['cluster', 'pod'], 'alert_text': 'thanos slow query is exist in cluster {} log: {} pod: ' '{}', 'alert_text_agrs': ['cluster', 'log', 'pod'], 'filter': [{'query': {'query_sting': {'query': '.*slow query ' 'detected.*'}}}], 'http_post_all_values': True, 'http_post_url': 'https://webhook.site/cb6108bd-31ae-405f-a5c9-25ec08e17bd8', 'include': ['cluster', 'pod'], 'index': 'bge', 'name': 'thanos slow query', 'num_events': 1, 'query_key': ['log'], 'rule_file': '/opt/elastalert/rules/slow.yaml', 'timeframe': {'minutes': '1h'}, 'type': 'frequency'}