我想收到查询的每一击的警报。我在“任意”类型中使用规则。文档显示,将realert设置为0,因此我在config.yaml中添加了下面的行:
realert:
minutes: 0
但我还是能在原木上看到
INFO:elastalert:Queried rule Client errors from 2016-07-28 21:23 UTC to 2016-07-28 21:38 UTC: 16 / 16 hits
INFO:elastalert:Alert sent to Telegram
INFO:elastalert:Ignoring match for silenced rule
我已经在中配置了config.yaml聚合选项,以便每隔1小时发送一次警报摘要。但当我试图运行它时,它会抛出以下错误。
File "elastalert.py", line 863, in run_rule
self.add_aggregated_alert(match, rule)
File "elastalert.py", line 1614, in add_aggregated_alert
alert_time = ts_now() + rule['aggregation']
TypeError: unsupported operand t