Update docs
nsano-rururu committed Nov 16, 2023
1 parent 9d79c51 commit 3b9f8be
Showing 3 changed files with 25 additions and 7 deletions.
2 changes: 1 addition & 1 deletion docs/source/recipes/exposing_rule_metrics.rst
Expand Up @@ -16,7 +16,7 @@ To expose ElastAlert rule metrics on port ``9979`` run the following command:
Rule Metrics
------------

The metrics being exposed are related to the `ElastAlert metadata indices <https://elastalert2.readthedocs.io/en/latest/elastalert_status.html>`_. The exposed metrics are in the `Prometheus text-based format <https://prometheus.io/docs/instrumenting/exposition_formats/#text-based-format>`_. Metrics are of the metric type `counter <https://prometheus.io/docs/concepts/metric_types/#counter>`_ or `gauge <https://prometheus.io/docs/concepts/metric_types/#gauge>`_ and follow the `Prometheus metric naming <https://prometheus.io/docs/practices/naming/>`_.
The metrics being exposed are related to the `ElastAlert 2 metadata indices <https://elastalert2.readthedocs.io/en/latest/elastalert_status.html>`_. The exposed metrics are in the `Prometheus text-based format <https://prometheus.io/docs/instrumenting/exposition_formats/#text-based-format>`_. Metrics are of the metric type `counter <https://prometheus.io/docs/concepts/metric_types/#counter>`_ or `gauge <https://prometheus.io/docs/concepts/metric_types/#gauge>`_ and follow the `Prometheus metric naming <https://prometheus.io/docs/practices/naming/>`_.

In the standard metric definition, the metric names are structured as follows:

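Review bot: the rename to "ElastAlert 2" is applied only to the metadata-indices sentence, while the section context shown in the hunk header still reads "To expose ElastAlert rule metrics on port ``9979``". Suggest updating that sentence in the same change so the page uses one product name throughout.
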
15 changes: 13 additions & 2 deletions docs/source/recipes/faq.rst
Expand Up @@ -400,8 +400,9 @@ This is the default limit for ElasticSearch. Specifying more than 1024 items in
This is a known issue. Perhaps White List can have similar issues.
See the following issues on the original yelp/elastalert for more information.

https://github.com/Yelp/elastalert/issues/1867<br>
https://github.com/Yelp/elastalert/issues/2704
`Blacklist filter with 10.000+ terms is extremely slow <https://github.com/Yelp/elastalert/issues/1867>`_.

`Failed to parse query for blacklist rule when file contains more than 1024 entries <https://github.com/Yelp/elastalert/issues/2704>`_.

ElastAlert 2 doesn't have a listening port?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
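
Review bot: each replacement link ends in `_.`, so the period renders as a stray full stop after a link that stands alone as its own paragraph. Suggest dropping the trailing periods, or putting the two issues in a bullet list so they read as a list of references rather than two one-line paragraphs.
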
Expand Down Expand Up @@ -505,3 +506,13 @@ example
.. code-block:: yaml
disable_rules_on_error: false
Is there an introductory article about elastalert2?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Yelp, the developer of the original elastalert, has the following article on its blog.

`ElastAlert: Alerting At Scale With Elasticsearch, Part 1 <https://engineeringblog.yelp.com/2015/10/elastalert-alerting-at-scale-with-elasticsearch.html>`_.

`ElastAlert: Alerting At Scale With Elasticsearch, Part 2 <https://engineeringblog.yelp.com/2016/03/elastalert-part-two.html>`_.
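
Review bot: the new question asks about "elastalert2", but the answer links only to Yelp's 2015 and 2016 posts on the original project, and it spells the names "elastalert2" and "elastalert" while the neighbouring FAQ heading uses "ElastAlert 2". Suggest writing "ElastAlert 2" and "ElastAlert", and adding a sentence saying that the articles describe the original ElastAlert and how far they apply to ElastAlert 2.
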
15 changes: 11 additions & 4 deletions docs/source/ruletypes.rst
Expand Up @@ -1537,7 +1537,9 @@ or
- googlechat
- gelf
- hivealerter
- iris
- jira
- lark
- linenotify
- mattermost
- ms_teams
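
Review bot: ``iris`` and ``lark`` are inserted in alphabetical position, but the surrounding context has ``googlechat`` ahead of ``gelf``, so the list is not actually sorted. Suggest swapping those two entries in the same change so the ordering the new lines rely on holds for the whole list.
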
Expand Down Expand Up @@ -1723,7 +1725,7 @@ Alerta
~~~~~~

Alerta alerter will post an alert in the Alerta server instance through the alert API endpoint.
See https://docs.alerta.io/en/latest/api/alert.html for more details on the Alerta JSON format.
See https://docs.alerta.io/api/reference.html#alerts for more details on the Alerta JSON format.

For Alerta 5.0

Expand Down Expand Up @@ -2454,6 +2456,11 @@ Optional:

``gelf_timeout``: Custom timeout.

Grafana OnCall
~~~~~~~~~~~~~~

https://grafana.com/docs/oncall/latest/integrations/elastalert/

HTTP POST
~~~~~~~~~

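Review bot: the new "Grafana OnCall" section consists of a bare URL with no sentence of its own, whereas the neighbouring sections describe the alerter and its options (for example ``gelf_timeout`` just above). Suggest adding one line saying what the link covers and whether the integration is configured through an existing alerter, since the alerter list earlier in this file gains ``iris`` and ``lark`` but no Grafana entry, and turning the URL into a named link.
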
Expand Down Expand Up @@ -2819,7 +2826,7 @@ Mattermost alerter will send a notification to a predefined Mattermost channel.

The alerter requires the following option:

``mattermost_webhook_url``: The webhook URL. Follow the instructions on https://docs.mattermost.com/developer/webhooks-incoming.html to create an incoming webhook on your Mattermost installation.
``mattermost_webhook_url``: The webhook URL. Follow the instructions on https://developers.mattermost.com/integrate/webhooks/incoming/ to create an incoming webhook on your Mattermost installation.

Optional:

Expand All @@ -2842,7 +2849,7 @@ Provide absolute address of the pciture.
``mattermost_msg_color``: By default the alert will be posted with the 'danger' color. You can also use 'good', 'warning', or hex color code.

``mattermost_msg_fields``: You can add fields to your Mattermost alerts using this option. You can specify the title using `title` and the text value using `value`. Additionally you can specify whether this field should be a `short` field using `short: true`. If you set `args` and `value` is a formattable string, ElastAlert 2 will format the incident key based on the provided array of fields from the rule or match.
See https://docs.mattermost.com/developer/message-attachments.html#fields for more information.
See https://developers.mattermost.com/integrate/reference/message-attachments/#fields for more information.

Example mattermost_msg_fields::

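Review bot: the unchanged ``mattermost_msg_fields`` description just above the updated link says ElastAlert 2 "will format the incident key", which does not fit a description of message fields and reads as carried over from another alerter. Suggest correcting it while this paragraph is being touched, along with the "pciture" typo visible in the hunk header context, and using double backticks for ``title``, ``value`` and ``short`` so they render as literals in reStructuredText.
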
Expand Down Expand Up @@ -3206,7 +3213,7 @@ Configuration variables in rules YAML file::
Title: <Incident Title>
http_post_all_values: true

For more details, you can refer the `Squadcast documentation <https://support.squadcast.com/docs/elastalert>`_.
For more details, you can refer the `Squadcast documentation <https://support.squadcast.com/integrations/alert-source-integrations-native/elastalert>`_.

ServiceNow
~~~~~~~~~~
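
Review bot: the rewritten line keeps "you can refer the", which is missing "to". Suggest "For more details, refer to the Squadcast documentation" with the updated link target unchanged, fixed in the same edit since the line is already being modified.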