def configure_logging(args, conf):
    """Set up logging from the optional ``logging`` config section and the CLI flags.

    Args:
        args: parsed command-line options; this function reads ``verbose``,
            ``debug``, ``es_debug`` and ``es_debug_trace``.
        conf: configuration mapping; an optional ``'logging'`` entry is handed
            to ``logging.config.dictConfig``.

    NOTE(review): ``dictConfig`` can import and call arbitrary callables named
    in the dictionary (``'()'`` factories, ``ext://`` references), so whatever
    file supplies ``conf['logging']`` should be writable only by trusted users.
    """
    has_logging_section = 'logging' in conf
    if has_logging_section:
        # A logging section in the config replaces the current logging setup.
        logging.config.dictConfig(conf['logging'])

    verbose = args.verbose
    debug = args.debug

    if verbose and debug:
        elastalert_logger.info(
            "Note: --debug and --verbose flags are set. --debug takes precedent."
        )

    # In verbose/debug mode make sure INFO records get through, but leave the
    # level alone when the config already set it to INFO or something lower.
    current_level = elastalert_logger.level
    if (verbose or debug) and (current_level == logging.NOTSET or current_level > logging.INFO):
        elastalert_logger.setLevel(logging.INFO)

    if debug:
        # The message states that debug mode suppresses alert delivery; the
        # suppression itself is not implemented in this function.
        elastalert_logger.info(
            """Note: In debug mode, alerts will be logged to console but NOT actually sent. To send them but remain verbose, use --verbose instead."""
        )

    # Quieten the Elasticsearch client logger unless --es_debug was given or
    # the config file took control of logging.
    if not args.es_debug and not has_logging_section:
        logging.getLogger('elasticsearch').setLevel(logging.WARNING)

    trace_path = args.es_debug_trace
    if trace_path:
        # NOTE(review): the trace file is created at a caller-supplied path with
        # the process's default permissions; trace output presumably includes
        # request details sent to Elasticsearch - confirm, and keep the file in
        # a directory with restricted access.
        trace_logger = logging.getLogger('elasticsearch.trace')
        trace_logger.setLevel(logging.INFO)
        trace_logger.addHandler(logging.FileHandler(trace_path))
def configure_logging(args, conf):
    """Apply the config file's logging section, then adjust levels per CLI flags.

    Args:
        args: parsed command-line options (``verbose``, ``debug``, ``es_debug``
            and ``es_debug_trace`` are read here).
        conf: configuration mapping; when it has a ``'logging'`` key, that value
            is passed to ``logging.config.dictConfig``.

    NOTE(review): a ``dictConfig`` dictionary may name arbitrary importable
    callables (``'()'`` factories, ``ext://`` references) that get imported and
    called, so the configuration source must be trusted and write-protected.
    """
    config_driven = 'logging' in conf
    if config_driven:
        # Load the new logging configuration supplied by the config file.
        logging.config.dictConfig(conf['logging'])

    if args.verbose and args.debug:
        elastalert_logger.info(
            "Note: --debug and --verbose flags are set. --debug takes precedent."
        )

    chatty = args.verbose or args.debug
    if chatty:
        # Raise verbosity to INFO only when the logger is unset or stricter than
        # INFO; a level of INFO or below chosen by the config is kept as is.
        level_now = elastalert_logger.level
        if level_now == logging.NOTSET or level_now > logging.INFO:
            elastalert_logger.setLevel(logging.INFO)

    if args.debug:
        # Operator-facing reminder that debug runs do not deliver alerts; the
        # non-delivery is handled elsewhere, not in this function.
        debug_notice = """Note: In debug mode, alerts will be logged to console but NOT actually sent. To send them but remain verbose, use --verbose instead."""
        elastalert_logger.info(debug_notice)

    # The Elasticsearch client logger is capped at WARNING only when neither
    # --es_debug nor a logging section in the config is present.
    if not (args.es_debug or config_driven):
        logging.getLogger('elasticsearch').setLevel(logging.WARNING)

    if args.es_debug_trace:
        # NOTE(review): the handler writes to a user-chosen path using default
        # file permissions; trace records presumably carry request details -
        # verify what is logged and restrict who can read the file.
        es_trace = logging.getLogger('elasticsearch.trace')
        es_trace.setLevel(logging.INFO)
        es_trace.addHandler(logging.FileHandler(args.es_debug_trace))
def __init__(self, args):
    """Parse the CLI arguments, set log levels, load rules and reset run state.

    Args:
        args: raw command-line arguments, forwarded to ``self.parse_args``
            (presumably what populates ``self.args`` - confirm in parse_args).

    Per-run settings formerly copied from the loaded config onto the instance
    (max_query_size, writeback_index, run_every, alert_time_limit,
    old_query_limit, disable_rules_on_error, notify_email, from_addr,
    smtp_host, max_aggregation, buffer_time), a dump of every config key to the
    log, and the writeback Elasticsearch connection are commented out in the
    original and are therefore not set up here.
    """
    self.parse_args(args)

    debug = self.args.debug
    verbose = self.args.verbose
    self.debug = debug
    self.verbose = verbose
    self.rule_jobs = []

    if verbose or debug:
        elastalert_logger.setLevel(logging.INFO)

    if debug:
        # The message states that debug mode suppresses alert delivery; the
        # suppression itself is not implemented in this method.
        elastalert_logger.info(
            "Note: In debug mode, alerts will be logged to console but NOT actually sent. To send them, use --verbose."
        )

    # Keep the Elasticsearch client quiet unless --es_debug was requested.
    if not self.args.es_debug:
        logging.getLogger('elasticsearch').setLevel(logging.WARNING)

    trace_path = self.args.es_debug_trace
    if trace_path:
        # NOTE(review): the trace file is created at a caller-supplied path with
        # the process's default permissions; trace output presumably includes
        # request details sent to Elasticsearch - confirm, and keep the file in
        # a directory with restricted access.
        trace_logger = logging.getLogger('elasticsearch.trace')
        trace_logger.setLevel(logging.INFO)
        trace_logger.addHandler(logging.FileHandler(trace_path))

    self.conf = load_rules(self.args)
    self.global_config = load_global_config()
    self.rules = self.conf['rules']

    # Counters and connection state start empty for a fresh instance.
    self.alerts_sent = self.num_hits = 0
    self.current_es = self.current_es_addr = None
    self.silence_cache = {}

    self.rule_hashes = get_rule_hashes(self.conf, self.args.rule)
    self.starttime = self.args.start
    self.disabled_rules = []

    # --silence is handled right away, once the rules are loaded.
    if self.args.silence:
        self.silence()
def __init__(self, args):
    """Initialise the runner: parse arguments, tune loggers, load rules, zero the state.

    Args:
        args: raw command-line arguments handed to ``self.parse_args``
            (``self.args`` is read afterwards, so parse_args presumably sets
            it - confirm there).

    The original keeps a number of assignments commented out, so this method
    does not set max_query_size, writeback_index, run_every, alert_time_limit,
    old_query_limit, disable_rules_on_error, notify_email, from_addr,
    smtp_host, max_aggregation or buffer_time, does not log the config keys,
    and does not open the writeback Elasticsearch connection.
    """
    self.parse_args(args)
    self.debug = self.args.debug
    self.verbose = self.args.verbose
    self.rule_jobs = []

    wants_info = self.verbose or self.debug
    if wants_info:
        elastalert_logger.setLevel(logging.INFO)

    if self.debug:
        # Operator-facing reminder that debug runs do not deliver alerts; the
        # non-delivery is handled elsewhere, not in this method.
        debug_notice = "Note: In debug mode, alerts will be logged to console but NOT actually sent. To send them, use --verbose."
        elastalert_logger.info(debug_notice)

    es_debug_enabled = self.args.es_debug
    if not es_debug_enabled:
        # Without --es_debug the Elasticsearch client logger is capped at WARNING.
        logging.getLogger('elasticsearch').setLevel(logging.WARNING)

    if self.args.es_debug_trace:
        # NOTE(review): the handler writes to a user-chosen path using default
        # file permissions; trace records presumably carry request details -
        # verify what is logged and restrict who can read the file.
        es_trace = logging.getLogger('elasticsearch.trace')
        es_trace.setLevel(logging.INFO)
        es_trace.addHandler(logging.FileHandler(self.args.es_debug_trace))

    loaded_conf = load_rules(self.args)
    self.conf = loaded_conf
    self.global_config = load_global_config()
    self.rules = loaded_conf['rules']

    # Fresh run state: nothing sent, nothing matched, no active ES connection.
    self.alerts_sent = 0
    self.num_hits = 0
    self.current_es = None
    self.current_es_addr = None
    self.silence_cache = {}

    self.rule_hashes = get_rule_hashes(loaded_conf, self.args.rule)
    self.starttime = self.args.start
    self.disabled_rules = []

    # Act on --silence immediately after initialisation.
    if self.args.silence:
        self.silence()