These are chat archives for Yelp/elastalert

30th
Mar 2016
sunilmchaudhari
@sunilmchaudhari
Mar 30 2016 04:31
@Qmando Thanks a lot.
x1b2j
@x1b2j
Mar 30 2016 05:15
@Qmando Thanks a lot. I am using realert: minutes: 60 only. I have set the query_key, in order to trigger the alerts on different kinds of events.
rameedev
@rameedev
Mar 30 2016 06:10
thanks Qmando, I was able to get a standalone elastalert setup done in Windows. The issue was the Python version. I was using Python 3.4, uninstalled it and installed 2.7 and the setup completed.
I am now testing some sample rules against my ES indices
snirad
@snirad
Mar 30 2016 06:50
Hi @Qmando, is it possible to make easyAlert write to a local elasticsearch instead of the target elasticsearch it monitors?
Andy Sasmita
@andysasmita
Mar 30 2016 08:40
Hi :)
I have a question, anybody know how to format the alert message? The default looks like this:

Winlogevent2

testuser hat versucht auf BION einzuloggen

@timestamp: 2016-03-30T08:28:17.830Z
_id: AVPGozlXSSk9Gfqm7ILY
_index: winlogbeat-2016.03.30
_type: wineventlog
client_username: testuser
event_id: 4625

can I somehow suppress the _id, _index?
thx before
Jose Armesto
@fiunchinho
Mar 30 2016 09:48
@Qmando I’ve rebased and updated the PR with a little documentation Yelp/elastalert#446
snirad
@snirad
Mar 30 2016 10:21
Hm, how can I set up easyAlert to work with Amazon SES?
sorry : elastalert
omg O_o\
mike-hogan
@mike-hogan
Mar 30 2016 12:37
Folks, is it possible to have es_host outside the rule.yaml file? I want the same rule applied to many environments, and all that changes is es_host.
Peter Mooshammer
@pmoosh
Mar 30 2016 22:44
@snr
@snirad - SES works. do you have a set working on the SES side?