diff --git a/elastalert/README.md b/elastalert/README.md
index e9f0efa..387252a 100644
--- a/elastalert/README.md
+++ b/elastalert/README.md
@@ -8,16 +8,18 @@ patterns of interest from data in Elasticsearch.
 ```bash
 $ docker-compose run --rm elastalert sh
+>>> curl -X DELETE http://elasticsearch:9200/elastalert_*
 >>> elastalert-create-index --config config.yaml
->>> elastalert-test-rule --config config.yaml rules/example.yaml
+>>> elastalert-test-rule --config config.yaml --alert rules/example.yaml
 >>> exit
 $ docker-compose up -d
 $ docker-compose logs -tf
-elastalert_1 | 2019-10-30T10:33:31.960452334Z bad things happend
-elastalert_1 | 2019-10-30T10:42:27.952772739Z bad things happend
-elastalert_1 | 2019-10-30T10:50:22.808460534Z bad things happend
+Attaching to elastalert_elastalert_1
+elastalert_1 | 2019-10-30T13:53:46.193793451Z bad things happen
+elastalert_1 | 2019-10-30T13:58:45.855636764Z bad things happen
+elastalert_1 | 2019-10-30T14:03:46.444137134Z bad things happen
 ```
 > ElastAlert will also load new rules, stop running missing rules, and restart
diff --git a/elastalert/data/config.yaml b/elastalert/data/config.yaml
index b4f6060..f626f39 100644
--- a/elastalert/data/config.yaml
+++ b/elastalert/data/config.yaml
@@ -12,7 +12,7 @@ rules_folder: rules
 # How often ElastAlert will query elasticsearch
 # The unit can be anything from weeks to seconds
 run_every:
- minutes: 1
+ minutes: 5
 # ElastAlert will buffer results from the most recent
 # period of time, in case some log sources are not in real time
@@ -46,4 +46,4 @@ writeback_index: elastalert_status
 # If an alert fails for some reason, ElastAlert will retry
 # sending the alert until this time period has elapsed
 alert_time_limit:
- hours: 2
+ days: 2
diff --git a/elastalert/data/rules/example.yaml b/elastalert/data/rules/example.yaml
index dc36121..0743d2f 100644
--- a/elastalert/data/rules/example.yaml
+++ b/elastalert/data/rules/example.yaml
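Review bot: The retry window for failed alerts grows from 2 hours to 2 days in the alert_time_limit hunk with no comment on why, and the value interacts with two other changes in this commit: pending retries are, as far as I can tell, kept in the `writeback_index: elastalert_status` named in the hunk header, and the README in this same commit adds `curl -X DELETE http://elasticsearch:9200/elastalert_*`, which discards that queue whenever the reset step is rerun. A comment next to the new value would make the trade-off visible, e.g. `# 2 days: a failed alert is re-queued and retried this long; note the README reset step deletes elastalert_* and drops pending retries`. The run_every hunk above only matters here in that retries are attempted on each run, so it needs no separate note.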
@@ -8,7 +8,10 @@ use_count_query: true
 num_events: 10
 timeframe:
- hours: 1
+ minutes: 5
+
+realert:
+ minutes: 60
 filter:
 - query:
@@ -16,11 +19,10 @@ filter:
 query: 'response:[500 TO *]'
 alert:
+- command:
+ command: [echo, bad, things, happen]
 - slack:
 slack_webhook_url: https://hooks.slack.com/services/XXXXXXXXX/XXXXXXXXX/XXXXXXXXXXXXXXXXXXXXXXXX
 slack_username_override: ElastAlert
 slack_channel_override: '#monit'
 slack_emoji_override: ':bell:'
-- command
-
-command: [echo, bad, things, happen]
diff --git a/elastalert/docker-compose.yml b/elastalert/docker-compose.yml
index 182dad3..c6bea2a 100644
--- a/elastalert/docker-compose.yml
+++ b/elastalert/docker-compose.yml
@@ -5,6 +5,8 @@ services:
 image: vimagick/elastalert
 volumes:
 - ./data:/opt/elastalert
+ environment:
+ - TZ=Asia/Shanghai
 restart: unless-stopped
 networks:
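Review bot: The new `realert` block and the shortened `timeframe` carry no comment, although every timing key touched in config.yaml in this commit has one; a reader has to know ElastAlert to see that `realert: minutes: 60` silences this rule for an hour after it fires, so a sustained burst of 5xx responses yields one alert per hour rather than one per run. Suggest `# once fired, suppress further alerts for this rule for an hour` above `realert:` and `# count window; kept equal to run_every in config.yaml` above `timeframe:` (the equality is my inference from the two hunks, worth confirming). The rule body continues outside this hunk.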
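Review bot: The command alerter is now correctly nested as a list item, but the slack alerter sharing the `alert:` list still carries the placeholder `slack_webhook_url: https://hooks.slack.com/services/XXXXXXXXX/...`; with the README's new `elastalert-test-rule --alert` step and the running container, every match posts to that URL and fails, and with `alert_time_limit: days: 2` from this commit each failure is presumably retried for two days. Until a real URL is configured, either keep only the command alerter in this list or mark the slack entry, e.g. `# placeholder webhook: posts to it fail and are retried for alert_time_limit; set a real URL before enabling`. A real webhook URL is a credential, so once filled in it should live outside the committed example rule rather than in this file.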