prateek kumar

Reputation: 51

Using Environment variables in ElastAlert

I am trying to implement alerts on my data in Elasticsearch using ElastAlert. I would like to know if there is a way to use environment variables, a properties file, or exported values to change the fields in ElastAlert rule types, instead of changing the values manually in the rule files, to reduce the possibility of an error.

For example, my spike rule configuration looks like this:

name: Event spike
type: spike
index: alerting-logs-*
threshold_cur: 300
timeframe:
  minutes: 2
spike_height: 2
spike_type: "up"
query_key: HostName
filter:
- query:
    query_string: {query: 'smcfsloglevel:ERROR'}
alert:
- "email"
email:
- "[email protected]"

Now if I want to change the value of threshold_cur from 300 to, say, 500, can I somehow do it without going to the spike rule file, for example by exporting a value and writing threshold_cur: ${thr_cur}?

Does anyone have an idea to achieve this?

Upvotes: 1

Views: 1683

Answers (1)

Bruce Calvert

Reputation: 245

Have you tried defining threshold_cur in your main elastalert.yml file?

current_threshold: 300

And then in your rule file, reference the threshold_cur value:

threshold_cur: {{current_threshold}}

I am doing something like this in an alert file that sends an email, and it works.

Upvotes: 0
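One way to get the behaviour the question asks for, as an added example that is not part of either post and not ElastAlert's own code: render the rule file from a template before ElastAlert loads it, substituting only allowlisted environment variables and rejecting missing or non-numeric values. The `render_rule` and `placeholders` helpers, the `ALLOWED` table and the shortened template are assumptions made for this sketch; `${thr_cur}` is the placeholder name proposed in the question.

```python
import os
import re
from string import Template

# Constructed template, shortened from the question's spike rule.
# ${thr_cur} is the placeholder the question proposed.
RULE_TEMPLATE = """\
name: Event spike
type: spike
index: alerting-logs-*
threshold_cur: ${thr_cur}
timeframe:
  minutes: 2
spike_height: 2
"""

# Hypothetical allowlist: only these names may be substituted, and each value
# must fully match its pattern, so unrelated environment values (credentials,
# stray YAML syntax) can never end up inside a rule file.
ALLOWED = {"thr_cur": re.compile(r"[1-9][0-9]{0,6}")}


def placeholders(template_text):
    """Return the set of $name / ${name} placeholders used in the template."""
    names = set()
    for match in Template.pattern.finditer(template_text):
        if match.group("invalid") is not None:
            raise ValueError("malformed placeholder in template")
        name = match.group("named") or match.group("braced")
        if name:
            names.add(name)
    return names


def render_rule(template_text, env):
    """Fill the template from env; raise ValueError rather than guess."""
    values = {}
    for name in sorted(placeholders(template_text)):
        if name not in ALLOWED:
            raise ValueError(f"placeholder {name!r} is not allowlisted")
        if name not in env:
            raise ValueError(f"environment variable {name!r} is not set")
        if not ALLOWED[name].fullmatch(env[name]):
            raise ValueError(f"value for {name!r} failed validation")
        values[name] = env[name]
    return Template(template_text).substitute(values)


if __name__ == "__main__":
    # Falls back to 500 (the question's target value) when thr_cur is unset.
    print(render_rule(RULE_TEMPLATE, {"thr_cur": os.environ.get("thr_cur", "500")}), end="")
```

Write the rendered text to the rules folder as part of deployment, so the file ElastAlert reads always contains a literal, validated number.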
