You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello
I want this rule to send me an email when elastalert detect at least 5 times in less 10 secondes a certain type of log containing a string of characters.
Here my rule, but I dont get email with 6 logs sent in less 10 secondes.
I'm using this command to send logs :
logger -t corosync is down
`
es_host: ip
es_port: port
name: TEST
type: frequency
index: filebeat-*
filter:
"email"
alert_text_type: alert_text_only
alert_text: |
Link is down on host {0}
See full message : {1}
THIS IS A TEST MESSAGE
alert_text_args: ["host.name", "message"]
alert_subject: "[ElastAlert] PROXMOX : Link down alert"
from_addr: "addresse"
email:
Hello
I want this rule to send me an email when elastalert detect at least 5 times in less 10 secondes a certain type of log containing a string of characters.
Here my rule, but I dont get email with 6 logs sent in less 10 secondes.
I'm using this command to send logs :
logger -t corosync is down
`
es_host: ip
es_port: port
name: TEST
type: frequency
index: filebeat-*
filter:
query: "message:"is down""
"@timestamp":
gte: "now-10s/s"
timeframe:
seconds: 10
is_enabled: true
num_events: 5
alert:
alert_text_type: alert_text_only
alert_text: |
Link is down on host {0}
See full message : {1}
THIS IS A TEST MESSAGE
alert_text_args: ["host.name", "message"]
alert_subject: "[ElastAlert] PROXMOX : Link down alert"
from_addr: "addresse"
email:
smtp_host: smtp_host
smtp_port: smtp_port
smtp_auth_file: smtp_auth.yaml
smtp_ssl: false
`
Thanks for helping
The text was updated successfully, but these errors were encountered: