The original yelp/elastalert repository has become mostly stale, with hundreds of open PRs and over 1000 open issues. The Yelp team has acknowledged that they are winding down support of Elastalert. Consequently, it is difficult to merge fixes, dependency upgrades, and new features into Elastalert. Because of this, a fork of Elastalert has been created. jertel/elastalert will be an alternate repository for updates, until a new maintainer is appointed by the Yelp team and it's clear that the new maintainers are responding to PRs and issues.

Updated Elastalert documentation that reflects the state of the alt branch can be found here. This is the place to start if you're not familiar with Elastalert at all.

The full list of platforms that Elastalert can fire alerts into can be found here

The original README for Elastalert can be found here. Please note that this file is not being actively maintained, and will probably grow less accurate over time.

PRs are welcome, but must include tests, when possible. PRs will not be merged if they do not pass the automated CI workflows.

The current status of the alt branch CI workflow:

If you're interested in a pre-built Docker image for either the official yelp/elastalert release, or for this fork, check out the elastalert-docker project on Docker Hub.

Elastalert is licensed under the Apache License, Version 2.0.