frequency.yaml :
es_host: 172.31.14.222
es_port: 9200
name: Rule1
type: frequency
index: logstash-*
num_events: 5
timeframe:
  hours: 1
filter:
- term:
    api: "/health"
alert:
- "email"
smtp_host: "smtp.gmail.com"
smtp_port: 465
smtp_ssl: true
from_addr: "xyz@gmail.com"
smtp_auth_file: smtp_auth_file.yaml
email:
- "xyz@gmail.com"
smtp_auth_file.yaml :
user: "xyz@gmail.com"
password: "hidden"
ERRORS :
Successfully loaded Rule1
WARNING:elasticsearch:GET http://172.31.14.222:9200/ [status:N/A request:0.002s]
Traceback (most recent call last):
  File "/usr/local/lib/python2.7/site-packages/elasticsearch/connection/http_requests.py", line 76, in perform_request
    response = self.session.send(prepared_request, **send_kwargs)
  File "/usr/local/lib/python2.7/site-packages/requests/sessions.py", line 622, in send
    r = adapter.send(request, **kwargs)
  File "/usr/local/lib/python2.7/site-packages/requests/adapters.py", line 495, in send
    raise ConnectionError(err, request=request)
ConnectionError: ('Connection aborted.', BadStatusLine("''",))
WARNING:elasticsearch:GET http://172.31.14.222:9200/ [status:N/A request:0.001s]