Рабочий пример
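# ElastAlert rule: warn when /dev/sda1 usage is between 80% and 90%.
# The nesting below is reconstructed: the page shows every key at column 0,
# which would leave `realert`, `filter` and `query_delay` empty and create
# duplicate top-level `minutes` keys.

# Elasticsearch connection.
es_host: "<ELASTIC IP>"
es_port: 9200
# Port 9200 is plain HTTP unless TLS is enabled. When credentials are sent,
# enable transport security so they do not cross the network in clear text:
# use_ssl: true
# verify_certs: true
# Use a dedicated account that can only read the index below, never the
# built-in `elastic` superuser with its default password. Keep real values
# out of version control and restrict read access to this file.
# es_username: elastic
# es_password: changeme

name: ":warning:WARNING : Disk Usage Alert:warning:"
description: "running out of free disk space"
severity: "warning"
index: "app-prod-metrics*"
type: any

# Suppress repeat alerts for the same query_key value for one minute.
realert:
  minutes: 1

# The range matches only 0.8-0.9. Usage above 90% does NOT match this rule,
# so a separate rule is needed to cover the range above 0.9.
filter:
  - query:
      query_string:
        query: 'system.filesystem.used.pct:[0.8 TO 0.9] AND system.filesystem.device_name: "/dev/sda1"'

# Delay each query by one minute so late-arriving documents are not missed.
query_delay:
  minutes: 1

# The page repeats `query_key` three times. YAML keeps only the last value,
# so alerts from all hosts shared one realert bucket. A list makes a compound
# key, so each host/device pair is throttled independently.
# `system.filesystem.used.pct` is left out on purpose: it changes with every
# sample and would give each reading its own bucket, defeating `realert`.
query_key:
  - "host"
  - "system.filesystem.device_name"

include:
  - "host"
  - "system.filesystem.used.pct"
  - "system.filesystem.device_name"

alert:
  - "slack"
  # - "telegram"

# Send only alert_text as the message body (the page declares this key twice).
alert_text_type: alert_text_only

# Positional placeholders are filled from alert_text_args, in order.
# `{0:.2%}` renders a 0-1 fraction as a percentage.
# NOTE(review): the page's text ends at "elastalert on" with no node name;
# `<ELASTALERT NODE>` is a placeholder added here. Replace it with your own.
alert_text: |-
  *Used %* : {0:.2%}
  *Host* : {1}
  *Mount Point* : {2}
  *ElastAlert Node* : elastalert on <ELASTALERT NODE>
alert_text_args:
  - "system.filesystem.used.pct"
  - "host"
  - "system.filesystem.device_name"

# Slack alerter settings. The page has a bare `slack:` key here whose original
# nesting is lost. The option is kept at the top level, where ElastAlert
# documents it.
# The webhook URL is a secret: anyone who has it can post to the channel.
# Do not commit the real value. Rotate it if it leaks.
slack_webhook_url: "<SLACK URL>"

# Telegram alerter settings (disabled). The bot token is a secret as well.
# telegram_bot_token: "<TOKEN>"
# telegram_room_id: "@<ROOM NAME>"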