Apr 2016
Quentin Long
Apr 22 2016 16:43
@armoured-ape : You can lower buffer_time to something like 5 minutes, or less (not less than run_every), then maybe the query won't return too many hits?
Apr 22 2016 16:54
Is there any guides on how to incorporate Elastalert with Puppet?
Sorry, ARE there any guides....
Quentin Long
Apr 22 2016 16:57
You can probably use supervisord and then create a service resource with custom start/stop commands. "supervisorctl -c configfile start/stop"
OR you could run it in docker and use the docker puppet module
I don't think there are any guides for that specifically