我在 aws 上设置了 elastalert,我可以使用命令 python -m elastalert.elastalert --verbose --rule example_rules/example_frequency.yaml 或 python -m elastalert.elastalert --config ./config.yaml --verbose 和终端中的输出直接在终端中调用它,并在频率匹配时向我的电子邮件地址发送电子邮件警报。
INFO:elastalert:Sent email to ['[email protected]']
INFO:elastalert:Ignoring match for silenced rule Rule DOTs JDBC
INFO:elastalert:Ignoring match for silenced rule Rule DOTs JDBC
INFO:elastalert:Ignoring match for silenced rule Rule DOTs JDBC
INFO:elastalert:Ignoring match for silenced rule Rule DOTs JDBC
INFO:elastalert:Ignoring match for silenced rule Rule DOTs JDBC
INFO:elastalert:Ignoring match for silenced rule Rule DOTs JDBC
INFO:elastalert:Ran Rule DOTs JDBC from 2016-03-03 17:38 UTC to 2016-03-03 17:41 UTC: 14 query hits, 7 matches, 1 alerts sent
我有主管在运行,但不知道如何让它运行 elastalert。
这是 supervisord.conf 的内容
[unix_http_server]
file=/var/run/elastalert_supervisor.sock
[supervisord]
logfile=/var/log/elastalert_supervisord.log
logfile_maxbytes=1MB
logfile_backups=2
loglevel=debug
nodaemon=false
directory=%(here)s
[rpcinterface:supervisor]
supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
[supervisorctl]
serverurl=unix:///var/run/elastalert_supervisor.sock
[program:elastalert]
# running globally
# command=python elastalert.py --verbose
# command=python elastalert.py --config ./config.yaml --verbose
# (alternative) using virtualenv
# command=~/elastalert-master/elastalert --config /elastalert-master/config.yaml --verbose
# command=python -m elastalert.elastalert --config ~/elastalert-master/example_rules/example_frequency.yaml --verbose
command=python elastalert.py --config /elastalert-master/config.yaml --verbose
process_name=elastalert
autorestart=true
startsecs=15
stopsignal=INT
stopasgroup=true
killasgroup=true
stderr_logfile=/var/log/elastalert_stderr.log
stderr_logfile_maxbytes=5MB
stdout_logfile=/var/log/elastalert_stdout.log
如您所见,我正在尝试不同的命令
[program:elastalert] 部分。这是
/var/log/elastalert_supervisord.log 中的日志片段2016-03-03 17:10:48,551 WARN received SIGTERM indicating exit request
2016-03-03 17:10:57,251 CRIT Supervisor running as root (no user in config file)
2016-03-03 17:10:57,291 INFO RPC interface 'supervisor' initialized
2016-03-03 17:10:57,291 CRIT Server 'unix_http_server' running without any HTTP authentication checking
2016-03-03 17:10:57,293 INFO daemonizing the supervisord process
2016-03-03 17:10:57,293 INFO set current directory: '/etc'
2016-03-03 17:10:57,293 INFO supervisord started with pid 21873
2016-03-03 17:10:58,305 INFO spawned: 'elastalert' with pid 21874
2016-03-03 17:10:58,385 DEBG 'elastalert' stderr output:
python: can't open file 'elastalert.py': [Errno 2] No such file or directory
2016-03-03 17:10:58,385 DEBG fd 9 closed, stopped monitoring <POutputDispatcher at 139842124087376 for <Subprocess at 139842124370360 with name elastalert in state STARTING> (stderr)>
2016-03-03 17:10:58,385 DEBG fd 7 closed, stopped monitoring <POutputDispatcher at 139842124089680 for <Subprocess at 139842124370360 with name elastalert in state STARTING> (stdout)>
2016-03-03 17:10:58,385 INFO exited: elastalert (exit status 2; not expected)
2016-03-03 17:10:58,385 DEBG received SIGCLD indicating a child quit
2016-03-03 17:10:59,388 INFO spawned: 'elastalert' with pid 21875
2016-03-03 17:10:59,487 DEBG 'elastalert' stderr output:
python: can't open file 'elastalert.py': [Errno 2] No such file or directory
2016-03-03 17:10:59,488 DEBG fd 7 closed, stopped monitoring <POutputDispatcher at 139842124087376 for <Subprocess at 139842124370360 with name elastalert in state STARTING> (stdout)>
2016-03-03 17:10:59,488 DEBG fd 9 closed, stopped monitoring <POutputDispatcher at 139842124089680 for <Subprocess at 139842124370360 with name elastalert in state STARTING> (stderr)>
2016-03-03 17:10:59,488 INFO exited: elastalert (exit status 2; not expected)
2016-03-03 17:10:59,488 DEBG received SIGCLD indicating a child quit
2016-03-03 17:11:01,493 INFO spawned: 'elastalert' with pid 21885
2016-03-03 17:11:01,539 DEBG 'elastalert' stderr output:
python: can't open file 'elastalert.py': [Errno 2] No such file or directory
2016-03-03 17:11:01,540 DEBG fd 7 closed, stopped monitoring <POutputDispatcher at 139842124087376 for <Subprocess at 139842124370360 with name elastalert in state STARTING> (stdout)>
2016-03-03 17:11:01,540 DEBG fd 9 closed, stopped monitoring <POutputDispatcher at 139842124088960 for <Subprocess at 139842124370360 with name elastalert in state STARTING> (stderr)>
2016-03-03 17:11:01,540 INFO exited: elastalert (exit status 2; not expected)
2016-03-03 17:11:01,540 DEBG received SIGCLD indicating a child quit
2016-03-03 17:11:04,565 INFO spawned: 'elastalert' with pid 21887
2016-03-03 17:11:04,703 DEBG 'elastalert' stderr output:
python: can't open file 'elastalert.py': [Errno 2] No such file or directory
2016-03-03 17:11:04,703 DEBG fd 7 closed, stopped monitoring <POutputDispatcher at 139842124087376 for <Subprocess at 139842124370360 with name elastalert in state STARTING> (stdout)>
2016-03-03 17:11:04,703 DEBG fd 9 closed, stopped monitoring <POutputDispatcher at 139842124088528 for <Subprocess at 139842124370360 with name elastalert in state STARTING> (stderr)>
2016-03-03 17:11:04,703 INFO exited: elastalert (exit status 2; not expected)
2016-03-03 17:11:04,703 DEBG received SIGCLD indicating a child quit
2016-03-03 17:11:05,704 INFO gave up: elastalert entered FATAL state, too many start retries too quickly
非常感谢您的帮助。
最佳答案
谢谢 Val 你的评论让我走上正轨
这是supervisord命令部分错误的部分
command=python -m elastalert.elastalert --config /root/elastalert-master/config.yaml --verbose
配置文件
......
[program:elastalert]
# running globally
command=python -m elastalert.elastalert --config /root/elastalert-master/config.yaml --verbose
process_name=elastalert
autorestart=true
startsecs=15
stopsignal=INT
stopasgroup=true
killasgroup=true
stderr_logfile=/var/log/elastalert_stderr.log
stderr_logfile_maxbytes=5MB
....
所以我最终并没有那么远:D
希望这可以帮助其他人。
G
关于python - 如何与主管一起运行 ElastAlert,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/35779450/