ElastAlert Integration Guide
ElastAlert is a simple framework for alerting on anomalies, spikes, or other patterns of interest from data in Elasticsearch.
ElastAlert triggers alerts when alerting rule conditions are met. PagerTree acts as the dispatcher for these alerts, determining the right people to notify based on on-call schedules. PagerTree notifies them via email, SMS, voice, and/or push notifications until the alert is acknowledged or closed.
The ElastAlert integration is one-way, meaning:
- When ElastAlert sends PagerTree an alert with (event_type === "create"), an alert is created in PagerTree automatically.
In this integration tutorial we will show you how to send notifications from ElastAlert into PagerTree. The estimated time for this integration is 4 minutes. We assume that you already have a PagerTree and ElastAlert setup (version v0.1.38 or higher) and generally understand how to create rules. If you don’t, make sure to check out the docs.
- From the action button, click the “Create Integration” button.
- In the “Create Integration” box, fill out the following:
  - Name of the Integration.
  - Set the Type to ElastAlert
  - Select an appropriate Urgency for when this integration is triggered
  - Select the Team this alert will be assigned to
- Click Save
- Copy the Endpoint URL
In your ElastAlert rules YAML file add the following, replacing <PagerTree Endpoint URL> with the PagerTree Endpoint URL you copied earlier.
- Save the rules YAML file
- Restart ElastAlert
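A complete rule file wired to PagerTree, as an added example (not the original guide's snippet and not PagerTree's sample rule). The `pagertree` alerter and its `pagertree_integration_url` option are ElastAlert's own; the rule name, index pattern, filter fields and thresholds are constructed for illustration.

```yaml
# Constructed example rule: the name, index, filter and thresholds below are
# illustrative assumptions, not values from the original guide.
name: ssh-failed-login-burst

# Fire when at least num_events matching documents arrive within timeframe.
type: frequency
index: auth-logs-*
num_events: 20
timeframe:
  minutes: 5

# Assumed field names; adjust to the mapping of your own index.
filter:
- query:
    query_string:
      query: 'event.action: "ssh_login" AND event.outcome: "failure"'

# Suppress repeat pages for the same rule while it keeps matching.
realert:
  minutes: 15

# Send matches to PagerTree (ElastAlert v0.1.38 or higher).
alert:
- "pagertree"

# Replace with the Endpoint URL copied from the PagerTree integration.
pagertree_integration_url: "<PagerTree Endpoint URL>"
```

The Endpoint URL is the only value the rule needs in order to create PagerTree alerts, so keep the rule file readable only by the ElastAlert service account and out of public repositories.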
You have successfully completed the ElastAlert Integration. Now when an alert is created in ElastAlert, PagerTree will create an alert and route it to the correct team member that is on-call. If you have any questions please contact firstname.lastname@example.org
- pagertree_sample_rule.yml - ElastAlert/PagerTree Sample Rule Configuration