philhagen / sof-elk

Configuration files for the SOF-ELK VM
GNU General Public License v3.0

Elastalert failure #200

Closed maxy-walker closed 3 years ago

maxy-walker commented 3 years ago

When installing via ansible on CentOS 7, an error occurred when attempting to install/run Elastalert. I don't have the full error code (are there any logs written? I couldn't find the error grepping through /var/log), but it was effectively indicating that there wasn't a suitable version available.

hferrag commented 3 years ago

I have the same error with the public/20200327 branch. I replaced the version of elastalert (see below) in ansible/roles/elastaert/defaults/main.yml:

Installation via ansible works for me. But elastalert is not yet working with ES 7.x (according to the Readme).

maxy-walker commented 3 years ago

That's weird, as the Elastalert git issues show that they put in support for ES 7.x in version 0.2.0b; however, there may be some other dependencies that continue to break Elastalert. https://github.com/Yelp/elastalert/issues/2202