Comments (15)
Hello-Linux
commented on May 30, 2024
@weihc02 你好,这个问题问题已经修复了,主要是本地包含了特殊字符导致的.如果还有其他问题请留言
from elastalert_wechat_plugin.
weihc02
commented on May 30, 2024
好的,我再试下,可以考虑支持docker 镜像?
from elastalert_wechat_plugin.
weihc02
commented on May 30, 2024
ERROR:root:Error running query: RequestError(400, u'search_phase_execution_exception', u'No mapping found for [@timestamp] in order to sort on')
INFO:elastalert:Ran schedule from 2019-02-21 12:41 CST to 2019-02-21 12:56 CST: 0 query hits (0 already seen), 0 matches, 0 alerts sent
INFO:elastalert:Sleeping for 59.980169 seconds
模式是@timestamp查询自动,elk默认不是这个,要去哪里修改?
from elastalert_wechat_plugin.
Hello-Linux
commented on May 30, 2024
@weihc02 恩恩谢谢你的提议,下周我就发布到docker hub上. 运行 curl -XGET 'http://elasticsearch地址:9200/elastalert_status/_mapping/'
有没有类似的输出
里面应该有@timestamp这个字段的
from elastalert_wechat_plugin.
Hello-Linux
commented on May 30, 2024
@weihc02 你的"@timestamp 在elastalert_status索引中存在么? elastalert-create-index` 运行了么?
from elastalert_wechat_plugin.
weihc02
commented on May 30, 2024
在config.py 我把默认的改了,重新运行
INFO:elastalert:Queried rule schedule from 2019-02-21 13:08 CST to 2019-02-21 13:11 CST: 1 / 1 hits
/usr/lib/python2.7/site-packages/urllib3/connectionpool.py:858: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
InsecureRequestWarning)
/usr/lib/python2.7/site-packages/urllib3/connectionpool.py:858: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
InsecureRequestWarning)
INFO:elastalert:send msg and response: {"errcode":0,"errmsg":"ok","invaliduser":"15999552312"}
INFO:elastalert:send message to ww10575631340b7ca8
from elastalert_wechat_plugin.
weihc02
commented on May 30, 2024
curl -XGET 'http://127.0.0.1:9200/elastalert_status/_mapping/'
{"elastalert_status":{"mappings":{"elastalert":{"properties":{"@timestamp":{"type":"date","format":"dateOptionalTime"},"aggregate_id":{"type":"keyword"},"alert_info":{"properties":{"type":{"type":"text","fields":{"keyword":{"type":"keyword","ignore_above":256}}}}},"alert_sent":{"type":"boolean"},"alert_time":{"type":"date","format":"dateOptionalTime"},"match_body":{"type":"object","enabled":false},"match_time":{"type":"date","format":"dateOptionalTime"},"rule_name":{"type":"keyword"}}}}}}[root@iZ94rc264jtZ elastalert]
from elastalert_wechat_plugin.
Hello-Linux
commented on May 30, 2024
@weihc02 现在正常了么?
from elastalert_wechat_plugin.
weihc02
commented on May 30, 2024
不正常,没有推到微信。INFO:elastalert:send msg and response: {"errcode":0,"errmsg":"ok","invaliduser":"15999552312"}
这个是无效的用户,微信号是手机号码,怎么会是invaliduser?
from elastalert_wechat_plugin.
Hello-Linux
commented on May 30, 2024
@weihc02 这个要用你微信企业通讯录中的账号ID,我刚更新了代码图片你可以看看去
from elastalert_wechat_plugin.
weihc02
commented on May 30, 2024
是的,确实是这个问题,改了之后可以了。谢谢。期待docker 镜像,更加方便。
from elastalert_wechat_plugin.
Hello-Linux
commented on May 30, 2024
@weihc02 记得加个星星呦! 镜像下周一上
from elastalert_wechat_plugin.
weihc02
commented on May 30, 2024
ok
from elastalert_wechat_plugin.
weihc02
commented on May 30, 2024
用了镜像,启动了一会,就自动停止了,请问日志输出再什么地方?
from elastalert_wechat_plugin.
weihc02
commented on May 30, 2024
Traceback (most recent call last):
File "/usr/local/bin/elastalert-create-index", line 11, in
load_entry_point('elastalert==0.1.38', 'console_scripts', 'elastalert-create-index')()
File "/usr/local/lib/python2.7/site-packages/elastalert-0.1.38-py2.7.egg/elastalert/create_index.py", line 129, in main
esversion = es.info()["version"]["number"]
File "/usr/local/lib/python2.7/site-packages/elasticsearch/client/utils.py", line 76, in _wrapped
return func(*args, params=params, **kwargs)
File "/usr/local/lib/python2.7/site-packages/elasticsearch/client/init.py", line 241, in info
return self.transport.perform_request('GET', '/', params=params)
File "/usr/local/lib/python2.7/site-packages/elasticsearch/transport.py", line 318, in perform_request
status, headers_response, data = connection.perform_request(method, url, params, body, headers=headers, ignore=ignore, timeout=timeout)
File "/usr/local/lib/python2.7/site-packages/elasticsearch/connection/http_requests.py", line 84, in perform_request
raise ConnectionTimeout('TIMEOUT', str(e), e)
elasticsearch.exceptions.ConnectionTimeout: ConnectionTimeout caused by - ConnectTimeout(HTTPConnectionPool(host='192.168.1.223', port=9200): Max retries exceeded with url: / (Caused by ConnectTimeoutError(<urllib3.connection.HTTPConnection object at 0x7f9012e7ea10>, 'Connection to 192.168.1.223 timed out. (connect timeout=60)')))
Traceback (most recent call last):
File "/usr/local/bin/elastalert", line 11, in
load_entry_point('elastalert==0.1.38', 'console_scripts', 'elastalert')()
File "/usr/local/lib/python2.7/site-packages/pkg_resources/init.py", line 489, in load_entry_point
return get_distribution(dist).load_entry_point(group, name)
File "/usr/local/lib/python2.7/site-packages/pkg_resources/init.py", line 2793, in load_entry_point
return ep.load()
File "/usr/local/lib/python2.7/site-packages/pkg_resources/init.py", line 2411, in load
return self.resolve()
File "/usr/local/lib/python2.7/site-packages/pkg_resources/init.py", line 2417, in resolve
module = import(self.module_name, fromlist=['name'], level=0)
File "/usr/local/lib/python2.7/site-packages/elastalert-0.1.38-py2.7.egg/elastalert/elastalert.py", line 21, in
from alerts import DebugAlerter
File "/usr/local/lib/python2.7/site-packages/elastalert-0.1.38-py2.7.egg/elastalert/alerts.py", line 31, in
from thehive4py.api import TheHiveApi
File "/usr/local/lib/python2.7/site-packages/thehive4py-1.6.0-py2.7.egg/thehive4py/api.py", line 7, in
import magic
File "/usr/local/lib/python2.7/site-packages/python_magic-0.4.15-py2.7.egg/magic.py", line 181, in
raise ImportError('failed to find libmagic. Check your installation')
ImportError: failed to find libmagic. Check your installation
Traceback (most recent call last):
File "/usr/local/bin/elastalert-create-index", line 11, in
load_entry_point('elastalert==0.1.38', 'console_scripts', 'elastalert-create-index')()
File "/usr/local/lib/python2.7/site-packages/elastalert-0.1.38-py2.7.egg/elastalert/create_index.py", line 129, in main
esversion = es.info()["version"]["number"]
File "/usr/local/lib/python2.7/site-packages/elasticsearch/client/utils.py", line 76, in _wrapped
return func(*args, params=params, **kwargs)
File "/usr/local/lib/python2.7/site-packages/elasticsearch/client/init.py", line 241, in info
return self.transport.perform_request('GET', '/', params=params)
File "/usr/local/lib/python2.7/site-packages/elasticsearch/transport.py", line 318, in perform_request
status, headers_response, data = connection.perform_request(method, url, params, body, headers=headers, ignore=ignore, timeout=timeout)
File "/usr/local/lib/python2.7/site-packages/elasticsearch/connection/http_requests.py", line 84, in perform_request
raise ConnectionTimeout('TIMEOUT', str(e), e)
elasticsearch.exceptions.ConnectionTimeout: ConnectionTimeout caused by - ConnectTimeout(HTTPConnectionPool(host='192.168.1.223', port=9200): Max retries exceeded with url: / (Caused by ConnectTimeoutError(<urllib3.connection.HTTPConnection object at 0x7f7c333fec90>, 'Connection to 192.168.1.223 timed out. (connect timeout=60)')))
Traceback (most recent call last):
File "/usr/local/bin/elastalert", line 11, in
load_entry_point('elastalert==0.1.38', 'console_scripts', 'elastalert')()
File "/usr/local/lib/python2.7/site-packages/pkg_resources/init.py", line 489, in load_entry_point
return get_distribution(dist).load_entry_point(group, name)
File "/usr/local/lib/python2.7/site-packages/pkg_resources/init.py", line 2793, in load_entry_point
return ep.load()
File "/usr/local/lib/python2.7/site-packages/pkg_resources/init.py", line 2411, in load
return self.resolve()
File "/usr/local/lib/python2.7/site-packages/pkg_resources/init.py", line 2417, in resolve
module = import(self.module_name, fromlist=['name'], level=0)
File "/usr/local/lib/python2.7/site-packages/elastalert-0.1.38-py2.7.egg/elastalert/elastalert.py", line 21, in
from alerts import DebugAlerter
File "/usr/local/lib/python2.7/site-packages/elastalert-0.1.38-py2.7.egg/elastalert/alerts.py", line 31, in
from thehive4py.api import TheHiveApi
File "/usr/local/lib/python2.7/site-packages/thehive4py-1.6.0-py2.7.egg/thehive4py/api.py", line 7, in
import magic
File "/usr/local/lib/python2.7/site-packages/python_magic-0.4.15-py2.7.egg/magic.py", line 181, in
raise ImportError('failed to find libmagic. Check your installation')
ImportError: failed to find libmagic. Check your installation
Traceback (most recent call last):
File "/usr/local/bin/elastalert-create-index", line 11, in
load_entry_point('elastalert==0.1.38', 'console_scripts', 'elastalert-create-index')()
File "/usr/local/lib/python2.7/site-packages/elastalert-0.1.38-py2.7.egg/elastalert/create_index.py", line 129, in main
esversion = es.info()["version"]["number"]
File "/usr/local/lib/python2.7/site-packages/elasticsearch/client/utils.py", line 76, in _wrapped
return func(*args, params=params, **kwargs)
File "/usr/local/lib/python2.7/site-packages/elasticsearch/client/init.py", line 241, in info
return self.transport.perform_request('GET', '/', params=params)
File "/usr/local/lib/python2.7/site-packages/elasticsearch/transport.py", line 318, in perform_request
status, headers_response, data = connection.perform_request(method, url, params, body, headers=headers, ignore=ignore, timeout=timeout)
File "/usr/local/lib/python2.7/site-packages/elasticsearch/connection/http_requests.py", line 84, in perform_request
raise ConnectionTimeout('TIMEOUT', str(e), e)
elasticsearch.exceptions.ConnectionTimeout: ConnectionTimeout caused by - ConnectTimeout(HTTPConnectionPool(host='192.168.1.223', port=9200): Max retries exceeded with url: / (Caused by ConnectTimeoutError(<urllib3.connection.HTTPConnection object at 0x7fbccc82ec90>, 'Connection to 192.168.1.223 timed out. (connect timeout=60)')))
Traceback (most recent call last):
File "/usr/local/bin/elastalert", line 11, in
load_entry_point('elastalert==0.1.38', 'console_scripts', 'elastalert')()
File "/usr/local/lib/python2.7/site-packages/pkg_resources/init.py", line 489, in load_entry_point
return get_distribution(dist).load_entry_point(group, name)
File "/usr/local/lib/python2.7/site-packages/pkg_resources/init.py", line 2793, in load_entry_point
return ep.load()
File "/usr/local/lib/python2.7/site-packages/pkg_resources/init.py", line 2411, in load
return self.resolve()
File "/usr/local/lib/python2.7/site-packages/pkg_resources/init.py", line 2417, in resolve
module = import(self.module_name, fromlist=['name'], level=0)
File "/usr/local/lib/python2.7/site-packages/elastalert-0.1.38-py2.7.egg/elastalert/elastalert.py", line 21, in
from alerts import DebugAlerter
File "/usr/local/lib/python2.7/site-packages/elastalert-0.1.38-py2.7.egg/elastalert/alerts.py", line 31, in
from thehive4py.api import TheHiveApi
File "/usr/local/lib/python2.7/site-packages/thehive4py-1.6.0-py2.7.egg/thehive4py/api.py", line 7, in
import magic
File "/usr/local/lib/python2.7/site-packages/python_magic-0.4.15-py2.7.egg/magic.py", line 181, in
raise ImportError('failed to find libmagic. Check your installation')
ImportError: failed to find libmagic. Check your installation
Traceback (most recent call last):
File "/usr/local/bin/elastalert-create-index", line 11, in
load_entry_point('elastalert==0.1.38', 'console_scripts', 'elastalert-create-index')()
File "/usr/local/lib/python2.7/site-packages/elastalert-0.1.38-py2.7.egg/elastalert/create_index.py", line 129, in main
esversion = es.info()["version"]["number"]
File "/usr/local/lib/python2.7/site-packages/elasticsearch/client/utils.py", line 76, in _wrapped
return func(*args, params=params, **kwargs)
File "/usr/local/lib/python2.7/site-packages/elasticsearch/client/init.py", line 241, in info
return self.transport.perform_request('GET', '/', params=params)
File "/usr/local/lib/python2.7/site-packages/elasticsearch/transport.py", line 318, in perform_request
status, headers_response, data = connection.perform_request(method, url, params, body, headers=headers, ignore=ignore, timeout=timeout)
File "/usr/local/lib/python2.7/site-packages/elasticsearch/connection/http_requests.py", line 84, in perform_request
raise ConnectionTimeout('TIMEOUT', str(e), e)
elasticsearch.exceptions.ConnectionTimeout: ConnectionTimeout caused by - ConnectTimeout(HTTPConnectionPool(host='192.168.1.223', port=9200): Max retries exceeded with url: / (Caused by ConnectTimeoutError(<urllib3.connection.HTTPConnection object at 0x7f80dc487c90>, 'Connection to 192.168.1.223 timed out. (connect timeout=60)')))
Traceback (most recent call last):
File "/usr/local/bin/elastalert", line 11, in
load_entry_point('elastalert==0.1.38', 'console_scripts', 'elastalert')()
File "/usr/local/lib/python2.7/site-packages/pkg_resources/init.py", line 489, in load_entry_point
return get_distribution(dist).load_entry_point(group, name)
File "/usr/local/lib/python2.7/site-packages/pkg_resources/init.py", line 2793, in load_entry_point
return ep.load()
File "/usr/local/lib/python2.7/site-packages/pkg_resources/init.py", line 2411, in load
return self.resolve()
File "/usr/local/lib/python2.7/site-packages/pkg_resources/init.py", line 2417, in resolve
module = import(self.module_name, fromlist=['name'], level=0)
File "/usr/local/lib/python2.7/site-packages/elastalert-0.1.38-py2.7.egg/elastalert/elastalert.py", line 21, in
from alerts import DebugAlerter
File "/usr/local/lib/python2.7/site-packages/elastalert-0.1.38-py2.7.egg/elastalert/alerts.py", line 31, in
from thehive4py.api import TheHiveApi
File "/usr/local/lib/python2.7/site-packages/thehive4py-1.6.0-py2.7.egg/thehive4py/api.py", line 7, in
import magic
File "/usr/local/lib/python2.7/site-packages/python_magic-0.4.15-py2.7.egg/magic.py", line 181, in
raise ImportError('failed to find libmagic. Check your installation')
ImportError: failed to find libmagic. Check your installation
Traceback (most recent call last):
File "/usr/local/bin/elastalert-create-index", line 11, in
load_entry_point('elastalert==0.1.38', 'console_scripts', 'elastalert-create-index')()
File "/usr/local/lib/python2.7/site-packages/elastalert-0.1.38-py2.7.egg/elastalert/create_index.py", line 129, in main
esversion = es.info()["version"]["number"]
File "/usr/local/lib/python2.7/site-packages/elasticsearch/client/utils.py", line 76, in _wrapped
return func(*args, params=params, **kwargs)
File "/usr/local/lib/python2.7/site-packages/elasticsearch/client/init.py", line 241, in info
return self.transport.perform_request('GET', '/', params=params)
File "/usr/local/lib/python2.7/site-packages/elasticsearch/transport.py", line 318, in perform_request
status, headers_response, data = connection.perform_request(method, url, params, body, headers=headers, ignore=ignore, timeout=timeout)
File "/usr/local/lib/python2.7/site-packages/elasticsearch/connection/http_requests.py", line 84, in perform_request
raise ConnectionTimeout('TIMEOUT', str(e), e)
elasticsearch.exceptions.ConnectionTimeout: ConnectionTimeout caused by - ConnectTimeout(HTTPConnectionPool(host='192.168.1.223', port=9200): Max retries exceeded with url: / (Caused by ConnectTimeoutError(<urllib3.connection.HTTPConnection object at 0x7fa5c8c8cc90>, 'Connection to 192.168.1.223 timed out. (connect timeout=60)')))
Traceback (most recent call last):
File "/usr/local/bin/elastalert", line 11, in
load_entry_point('elastalert==0.1.38', 'console_scripts', 'elastalert')()
File "/usr/local/lib/python2.7/site-packages/pkg_resources/init.py", line 489, in load_entry_point
return get_distribution(dist).load_entry_point(group, name)
File "/usr/local/lib/python2.7/site-packages/pkg_resources/init.py", line 2793, in load_entry_point
return ep.load()
File "/usr/local/lib/python2.7/site-packages/pkg_resources/init.py", line 2411, in load
return self.resolve()
File "/usr/local/lib/python2.7/site-packages/pkg_resources/init.py", line 2417, in resolve
module = import(self.module_name, fromlist=['name'], level=0)
File "/usr/local/lib/python2.7/site-packages/elastalert-0.1.38-py2.7.egg/elastalert/elastalert.py", line 21, in
from alerts import DebugAlerter
File "/usr/local/lib/python2.7/site-packages/elastalert-0.1.38-py2.7.egg/elastalert/alerts.py", line 31, in
from thehive4py.api import TheHiveApi
File "/usr/local/lib/python2.7/site-packages/thehive4py-1.6.0-py2.7.egg/thehive4py/api.py", line 7, in
import magic
File "/usr/local/lib/python2.7/site-packages/python_magic-0.4.15-py2.7.egg/magic.py", line 181, in
raise ImportError('failed to find libmagic. Check your installation')
ImportError: failed to find libmagic. Check your installation
from elastalert_wechat_plugin.
Related Issues (8)
- docker 镜像运行,并且挂载了新的config.yaml ,还是提示ConnectTimeout(HTTPConnectionPool(host='192.168.1.223', port=9200): Max retries exceeded wit HOT 3
- 触发条件时间,时区也不对,需要修复 HOT 11
- 告警插件支持多个部门id吗 HOT 1
- ERROR:root:Uncaught exception running rule log_error: tuple index out of range HOT 2
- 插件一运行,导致es挂机,请问是什么问题,查询频率高了 ? HOT 1
- python3.6 企业微信无法报警,python2都快不支持了 HOT 28
- python3运行规则匹配到后不发送告警,0sent? HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from elastalert_wechat_plugin.