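I have set up elastalert on AWS, and I can call it directly in the terminal with the command python -m elastalert.elastalert --verbose --rule example_rules/example_frequency.yaml
or python -m elastalert.elastalert --config ./config.yaml --verbose
It prints its output to the terminal and sends an email alert to my email address when the frequency rule is matched.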
INFO:elastalert:Sent email to ['MY-EMAIL-ADDRESS@gmail.com']
INFO:elastalert:Ignoring match for silenced rule Rule DOTs JDBC
INFO:elastalert:Ignoring match for silenced rule Rule DOTs JDBC
INFO:elastalert:Ignoring match for silenced rule Rule DOTs JDBC
INFO:elastalert:Ignoring match for silenced rule Rule DOTs JDBC
INFO:elastalert:Ignoring match for silenced rule Rule DOTs JDBC
INFO:elastalert:Ignoring match for silenced rule Rule DOTs JDBC
INFO:elastalert:Ran Rule DOTs JDBC from 2016-03-03 17:38 UTC to 2016-03-03 17:41 UTC: 14 query hits, 7 matches, 1 alerts sent
I have supervisor running, but I am not sure how to get it to run elastalert.
Here is the content of supervisord.conf
[unix_http_server]
file=/var/run/elastalert_supervisor.sock
[supervisord]
logfile=/var/log/elastalert_supervisord.log
logfile_maxbytes=1MB
logfile_backups=2
loglevel=debug
nodaemon=false
directory=%(here)s
[rpcinterface:supervisor]
supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
[supervisorctl]
serverurl=unix:///var/run/elastalert_supervisor.sock
[program:elastalert]
# running globally
# command=python elastalert.py --verbose
# command=python elastalert.py --config ./config.yaml --verbose
# (alternative) using virtualenv
# command=~/elastalert-master/elastalert --config /elastalert-master/config.yaml --verbose
# command=python -m elastalert.elastalert --config ~/elastalert-master/example_rules/example_frequency.yaml --verbose
command=python elastalert.py --config /elastalert-master/config.yaml --verbose
process_name=elastalert
autorestart=true
startsecs=15
stopsignal=INT
stopasgroup=true
killasgroup=true
stderr_logfile=/var/log/elastalert_stderr.log
stderr_logfile_maxbytes=5MB
stdout_logfile=/var/log/elastalert_stdout.log
As you can see, I am trying different commands in the [program:elastalert] section.
Here is /var/log/elastalert_supervisord.log
2016-03-03 17:10:48,551 WARN received SIGTERM indicating exit request
2016-03-03 17:10:57,251 CRIT Supervisor running as root (no user in config file)
2016-03-03 17:10:57,291 INFO RPC interface 'supervisor' initialized
2016-03-03 17:10:57,291 CRIT Server 'unix_http_server' running without any HTTP authentication checking
2016-03-03 17:10:57,293 INFO daemonizing the supervisord process
2016-03-03 17:10:57,293 INFO set current directory: '/etc'
2016-03-03 17:10:57,293 INFO supervisord started with pid 21873
2016-03-03 17:10:58,305 INFO spawned: 'elastalert' with pid 21874
2016-03-03 17:10:58,385 DEBG 'elastalert' stderr output:
python: can't open file 'elastalert.py': [Errno 2] No such file or directory
2016-03-03 17:10:58,385 DEBG fd 9 closed, stopped monitoring <POutputDispatcher at 139842124087376 for <Subprocess at 139842124370360 with name elastalert in state STARTING> (stderr)>
2016-03-03 17:10:58,385 DEBG fd 7 closed, stopped monitoring <POutputDispatcher at 139842124089680 for <Subprocess at 139842124370360 with name elastalert in state STARTING> (stdout)>
2016-03-03 17:10:58,385 INFO exited: elastalert (exit status 2; not expected)
2016-03-03 17:10:58,385 DEBG received SIGCLD indicating a child quit
2016-03-03 17:10:59,388 INFO spawned: 'elastalert' with pid 21875
2016-03-03 17:10:59,487 DEBG 'elastalert' stderr output:
python: can't open file 'elastalert.py': [Errno 2] No such file or directory
2016-03-03 17:10:59,488 DEBG fd 7 closed, stopped monitoring <POutputDispatcher at 139842124087376 for <Subprocess at 139842124370360 with name elastalert in state STARTING> (stdout)>
2016-03-03 17:10:59,488 DEBG fd 9 closed, stopped monitoring <POutputDispatcher at 139842124089680 for <Subprocess at 139842124370360 with name elastalert in state STARTING> (stderr)>
2016-03-03 17:10:59,488 INFO exited: elastalert (exit status 2; not expected)
2016-03-03 17:10:59,488 DEBG received SIGCLD indicating a child quit
2016-03-03 17:11:01,493 INFO spawned: 'elastalert' with pid 21885
2016-03-03 17:11:01,539 DEBG 'elastalert' stderr output:
python: can't open file 'elastalert.py': [Errno 2] No such file or directory
2016-03-03 17:11:01,540 DEBG fd 7 closed, stopped monitoring <POutputDispatcher at 139842124087376 for <Subprocess at 139842124370360 with name elastalert in state STARTING> (stdout)>
2016-03-03 17:11:01,540 DEBG fd 9 closed, stopped monitoring <POutputDispatcher at 139842124088960 for <Subprocess at 139842124370360 with name elastalert in state STARTING> (stderr)>
2016-03-03 17:11:01,540 INFO exited: elastalert (exit status 2; not expected)
2016-03-03 17:11:01,540 DEBG received SIGCLD indicating a child quit
2016-03-03 17:11:04,565 INFO spawned: 'elastalert' with pid 21887
2016-03-03 17:11:04,703 DEBG 'elastalert' stderr output:
python: can't open file 'elastalert.py': [Errno 2] No such file or directory
2016-03-03 17:11:04,703 DEBG fd 7 closed, stopped monitoring <POutputDispatcher at 139842124087376 for <Subprocess at 139842124370360 with name elastalert in state STARTING> (stdout)>
2016-03-03 17:11:04,703 DEBG fd 9 closed, stopped monitoring <POutputDispatcher at 139842124088528 for <Subprocess at 139842124370360 with name elastalert in state STARTING> (stderr)>
2016-03-03 17:11:04,703 INFO exited: elastalert (exit status 2; not expected)
2016-03-03 17:11:04,703 DEBG received SIGCLD indicating a child quit
2016-03-03 17:11:05,704 INFO gave up: elastalert entered FATAL state, too many start retries too quickly
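Thank you very much for your help.
Answer 0 (score: 4)
Thanks Val, your comment put me on the right track. This is the part that was wrong in the command section of supervisord: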
command=python -m elastalert.elastalert --config /root/elastalert-master/config.yaml --verbose
supervisord.conf
......
[program:elastalert]
# running globally
command=python -m elastalert.elastalert --config /root/elastalert-master/config.yaml --verbose
process_name=elastalert
autorestart=true
startsecs=15
stopsignal=INT
stopasgroup=true
killasgroup=true
stderr_logfile=/var/log/elastalert_stderr.log
stderr_logfile_maxbytes=5MB
....
So in the end I was not that far off :D
Hope this helps others.
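The supervisord log in the question shows three separate problems: the relative script path that fails in the '/etc' working directory, and the two CRIT lines about running as root and the unauthenticated control socket. The following check for them is an added example, not code from the original post or from the supervisor or ElastAlert projects; the function name, the finding codes and the sample config are constructed for illustration.

```python
import configparser
import shlex

# Constructed sample: the question's supervisord.conf reduced to the keys that matter here.
SAMPLE_CONF = """\
[unix_http_server]
file=/var/run/elastalert_supervisor.sock

[supervisord]
logfile=/var/log/elastalert_supervisord.log
directory=%(here)s

[program:elastalert]
command=python elastalert.py --config ~/elastalert-master/config.yaml --verbose
autorestart=true
"""

def lint_supervisor_conf(text):
    """Return (section, code, detail) findings for a supervisord.conf string."""
    cp = configparser.ConfigParser(interpolation=None)  # leave %(here)s untouched
    cp.read_string(text)
    findings = []
    # Matches "CRIT Supervisor running as root (no user in config file)".
    if not cp.has_option("supervisord", "user"):
        findings.append(("supervisord", "no-user", "add user= to drop root"))
    # Matches "CRIT Server 'unix_http_server' running without any HTTP authentication checking".
    if cp.has_section("unix_http_server") and not (
        cp.has_option("unix_http_server", "username")
        and cp.has_option("unix_http_server", "password")
    ):
        findings.append(("unix_http_server", "no-socket-auth", "set username= and password="))
    for section in cp.sections():
        if not section.startswith("program:"):
            continue
        args = shlex.split(cp.get(section, "command", fallback=""))
        for arg in args[1:]:
            looks_like_path = "/" in arg or arg.endswith((".py", ".yaml", ".yml"))
            if arg.startswith("~"):
                # supervisord execs the command directly; no shell expands "~".
                findings.append((section, "tilde-path", arg))
            elif looks_like_path and not arg.startswith(("/", "-")):
                # Resolved against the child's working directory ('/etc' in the log above).
                findings.append((section, "relative-path", arg))
    return findings

if __name__ == "__main__":
    for finding in lint_supervisor_conf(SAMPLE_CONF):
        print(*finding, sep=": ")
```

The command from the answer (module invocation plus an absolute config path) produces no program findings; the two CRIT findings clear only once user= and socket credentials are added.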