mirrors/dockerfiles_vimagick
2
0
Fork 0
mirror of https://github.com/vimagick/dockerfiles.git synced 2025-12-21 21:33:02 +01:00
Code Issues Projects Releases Wiki Activity

add elastalert

Browse Source
This commit is contained in:
kev
2018-08-01 16:03:18 +08:00
parent d90056efe5
commit f77e38fea7
4 changed files with 74 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
README.md
View File

@@ -254,6 +254,7 @@ A collection of delicious docker recipes.
- [x] puckel/docker-airflow - [x] puckel/docker-airflow
- [x] drone/drone - [x] drone/drone
- [x] drupal - [x] drupal
- [x] elastalert
- [x] elk - [x] elk
- [x] ghost - [x] ghost
- [x] gitlab/gitlab-ce - [x] gitlab/gitlab-ce

13
elastalert/README.md Normal file
View File

@@ -0,0 +1,13 @@
ElastAlert
==========
http://elastalert.readthedocs.io/en/latest/
```bash
$ docker-compose up -d
$ docker-compose exec elastalert sh
>>> cd /opt/elastalert/rules
>>> elastalert-test-rule xxx.yaml
>>> exit
$ docker-compose restart
```

49
elastalert/data/config.yaml Normal file
View File

@@ -0,0 +1,49 @@
# The elasticsearch hostname for metadata writeback
# Note that every rule can have its own elasticsearch host
es_host: elasticsearch
# The elasticsearch port
es_port: 9200
# This is the folder that contains the rule yaml files
# Any .yaml file will be loaded as a rule
rules_folder: rules
# How often ElastAlert will query elasticsearch
# The unit can be anything from weeks to seconds
run_every:
seconds: 60
# ElastAlert will buffer results from the most recent
# period of time, in case some log sources are not in real time
buffer_time:
minutes: 15
# Optional URL prefix for elasticsearch
#es_url_prefix: elasticsearch
# Connect with TLS to elasticsearch
#use_ssl: True
# Verify TLS certificates
#verify_certs: True
# GET request with body is the default option for Elasticsearch.
# If it fails for some reason, you can pass 'GET', 'POST' or 'source'.
# See http://elasticsearch-py.readthedocs.io/en/master/connection.html?highlight=send_get_body_as#transport
# for details
#es_send_get_body_as: GET
# Option basic-auth username and password for elasticsearch
#es_username: someusername
#es_password: somepassword
# The index on es_host which is used for metadata storage
# This can be a unmapped index, but it is recommended that you run
# elastalert-create-index to set a mapping
writeback_index: elastalert_status
# If an alert fails for some reason, ElastAlert will retry
# sending the alert until this time period has elapsed
alert_time_limit:
hours: 2

11
elastalert/docker-compose.yml Normal file
View File

@@ -0,0 +1,11 @@
elastalert:
image: bitsensor/elastalert
ports:
- "3030:3030"
volumes:
- ./data/config.yaml:/opt/elastalert/config.yaml
- ./data/rules:/opt/elastalert/rules
environment:
- ES_HOST=elasticsearch
- ES_PORT=9200
restart: always