These are chat archives for Yelp/elastalert

7th
Apr 2016
snirad
@snirad
Apr 07 2016 05:29
yea, I basicly want to know if a server stoped reporting to elasticsearch
Jose Armesto
@fiunchinho
Apr 07 2016 11:59
is there an easy way to format the email alert with HTML?
snirad
@snirad
Apr 07 2016 17:28
@Qmando if you get a chance, Is there a method to alert if we a server did not write to elasticsearch in the last 15 minute ?
providing elastAlert got an initial message like in flatline
Since each server is wiriting to elasticsarch at least once a minute, its a way for me to check if they are alive ;xd
Quentin Long
@Qmando
Apr 07 2016 17:32
Does flatline not work?
snirad
@snirad
Apr 07 2016 17:34

type: flatline
threshold: 1
timeframe:
minutes: 3

use_count_query: true
doc_type: "testquery"

failed :<
with query_key: "@source" failed as well
I reduced the timeframe for debugging
Quentin Long
@Qmando
Apr 07 2016 17:36
When you say failed, what do you mean
snirad
@snirad
Apr 07 2016 17:36
I run elastalert, I let server report to elasticsarch, stopped the server for 5 minutes
didnt get alert for it