From 3b9f8be14814d4c68225876819a65f01b89e314b Mon Sep 17 00:00:00 2001 From: nsano-rururu Date: Fri, 17 Nov 2023 02:50:44 +0900 Subject: [PATCH 1/2] Update docs --- docs/source/recipes/exposing_rule_metrics.rst | 2 +- docs/source/recipes/faq.rst | 15 +++++++++++++-- docs/source/ruletypes.rst | 15 +++++++++++---- 3 files changed, 25 insertions(+), 7 deletions(-) diff --git a/docs/source/recipes/exposing_rule_metrics.rst b/docs/source/recipes/exposing_rule_metrics.rst index 40d13550..4c7f4671 100644 --- a/docs/source/recipes/exposing_rule_metrics.rst +++ b/docs/source/recipes/exposing_rule_metrics.rst @@ -16,7 +16,7 @@ To expose ElastAlert rule metrics on port ``9979`` run the following command: Rule Metrics ------------ -The metrics being exposed are related to the `ElastAlert metadata indices `_. The exposed metrics are in the `Prometheus text-based format `_. Metrics are of the metric type `counter `_ or `gauge `_ and follow the `Prometheus metric naming `_. +The metrics being exposed are related to the `ElastAlert 2 metadata indices `_. The exposed metrics are in the `Prometheus text-based format `_. Metrics are of the metric type `counter `_ or `gauge `_ and follow the `Prometheus metric naming `_. In the standard metric definition, the metric names are structured as follows: diff --git a/docs/source/recipes/faq.rst b/docs/source/recipes/faq.rst index 2523b7cf..60b467d1 100644 --- a/docs/source/recipes/faq.rst +++ b/docs/source/recipes/faq.rst @@ -400,8 +400,9 @@ This is the default limit for ElasticSearch. Specifying more than 1024 items in This is a known issue. Perhaps White List can have similar issues. See the following issues on the original yelp/elastalert for more information. -https://github.com/Yelp/elastalert/issues/1867
-https://github.com/Yelp/elastalert/issues/2704 +`Blacklist filter with 10.000+ terms is extremely slow `_. + +`Failed to parse query for blacklist rule when file contains more than 1024 entries `_. ElastAlert 2 doesn't have a listening port? ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ @@ -505,3 +506,13 @@ example .. code-block:: yaml disable_rules_on_error: false + + +Is there an introductory article about elastalert2? +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +Yelp, the developer of the original elastalert, has the following article on its blog. + +`ElastAlert: Alerting At Scale With Elasticsearch, Part 1 `_. + +`ElastAlert: Alerting At Scale With Elasticsearch, Part 2 `_. \ No newline at end of file diff --git a/docs/source/ruletypes.rst b/docs/source/ruletypes.rst index 83ccbe86..bf3023e3 100644 --- a/docs/source/ruletypes.rst +++ b/docs/source/ruletypes.rst @@ -1537,7 +1537,9 @@ or - googlechat - gelf - hivealerter + - iris - jira + - lark - linenotify - mattermost - ms_teams @@ -1723,7 +1725,7 @@ Alerta ~~~~~~ Alerta alerter will post an alert in the Alerta server instance through the alert API endpoint. -See https://docs.alerta.io/en/latest/api/alert.html for more details on the Alerta JSON format. +See https://docs.alerta.io/api/reference.html#alerts for more details on the Alerta JSON format. For Alerta 5.0 @@ -2454,6 +2456,11 @@ Optional: ``gelf_timeout``: Custom timeout. +Grafana OnCall +~~~~~~~~~~~~~~ + +https://grafana.com/docs/oncall/latest/integrations/elastalert/ + HTTP POST ~~~~~~~~~ 
@@ -2819,7 +2826,7 @@ Mattermost alerter will send a notification to a predefined Mattermost channel. The alerter requires the following option: -``mattermost_webhook_url``: The webhook URL. Follow the instructions on https://docs.mattermost.com/developer/webhooks-incoming.html to create an incoming webhook on your Mattermost installation. +``mattermost_webhook_url``: The webhook URL. Follow the instructions on https://developers.mattermost.com/integrate/webhooks/incoming/ to create an incoming webhook on your Mattermost installation. Optional: @@ -2842,7 +2849,7 @@ Provide absolute address of the pciture. ``mattermost_msg_color``: By default the alert will be posted with the 'danger' color. You can also use 'good', 'warning', or hex color code. ``mattermost_msg_fields``: You can add fields to your Mattermost alerts using this option. You can specify the title using `title` and the text value using `value`. Additionally you can specify whether this field should be a `short` field using `short: true`. If you set `args` and `value` is a formattable string, ElastAlert 2 will format the incident key based on the provided array of fields from the rule or match. -See https://docs.mattermost.com/developer/message-attachments.html#fields for more information. +See https://developers.mattermost.com/integrate/reference/message-attachments/#fields for more information. Example mattermost_msg_fields:: @@ -3206,7 +3213,7 @@ Configuration variables in rules YAML file:: Title: http_post_all_values: true -For more details, you can refer the `Squadcast documentation `_. +For more details, you can refer the `Squadcast documentation `_. ServiceNow ~~~~~~~~~~ From 027df7ac5b388d64158c47266bc132b80ba62ce5 Mon Sep 17 00:00:00 2001 From: nsano-rururu Date: Fri, 17 Nov 2023 02:55:52 +0900 Subject: [PATCH 2/2] Update CHANGELOG.md --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index f714b89f..19fc83e2 100644 --- a/CHANGELOG.md 
+++ b/CHANGELOG.md @@ -9,6 +9,7 @@ ## Other changes - Refactored FlatlineRule to make it more extensible - [#1291](https://github.com/jertel/elastalert2/pull/1291) - @rundef - Add support for Kibana 8.11 for Kibana Discover - [#1305](https://github.com/jertel/elastalert2/pull/1305) - @nsano-rururu +- Update docs - [#1311](https://github.com/jertel/elastalert2/pull/1311) - @nsano-rururu # 2.14.0
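Review bot: in the docs/source/recipes/faq.rst hunk at `@@ -505,3 +506,13 @@`, the new heading writes "elastalert2" although the exposing_rule_metrics.rst change in this same patch moves the docs to "ElastAlert 2". Suggest "Is there an introductory article about ElastAlert 2?", with the `^` underline kept at least as long as the title. The sentence below it says "the following article" but introduces two links, so "articles" fits better. The hunk also ends with "\ No newline at end of file"; please add a trailing newline so later appends to faq.rst do not show up as a change to the Part 2 link line.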
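Review bot: in the docs/source/ruletypes.rst hunk at `@@ -2454,6 +2456,11 @@`, the new "Grafana OnCall" section contains only a bare URL. The neighbouring alerter sections visible in this patch open with a sentence about what the alerter does (for example "Alerta alerter will post an alert in the Alerta server instance ..."), and the alerter list updated at `@@ -1537,7 +1537,9 @@` gains `iris` and `lark` but no Grafana OnCall entry, so a reader cannot tell from this section whether it is a built-in alerter or an integration configured through another one. Suggest adding one sentence that says which it is and which options to set, and turning the URL into a named link in the same style as the Squadcast reference.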
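Review bot: in the docs/source/ruletypes.rst hunk at `@@ -2842,7 +2849,7 @@`, the unchanged `mattermost_msg_fields` line just above the updated link says ElastAlert 2 "will format the incident key", a term this option's description never introduces; it presumably means the field's `value`. Since the paragraph is being touched anyway, consider correcting that wording here, along with the "pciture" typo shown in the hunk header context ("Provide absolute address of the pciture.").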
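Review bot: in the docs/source/ruletypes.rst hunk at `@@ -3206,7 +3213,7 @@`, the rewritten Squadcast line keeps the phrase "you can refer the `Squadcast documentation`". As the line is already being replaced, change it to "you can refer to the" in the same edit.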
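Review bot: in the CHANGELOG.md hunk, the new entry "Update docs" does not say what changed, while the entries beside it name the affected component (FlatlineRule, Kibana Discover). Suggest a short summary of the scope, for instance that external documentation links were refreshed, a Grafana OnCall section and an introductory-article FAQ entry were added, and `iris` and `lark` were added to the alerter list.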