• This repository has been archived on 02/Aug/2022
  • Stars: 279
  • Rank: 147,967 (Top 3 %)
  • Language: Kotlin
  • License: Apache License 2.0
  • Created almost 6 years ago
  • Updated over 2 years ago

Repository Details

📟 Open Distro Alerting Plugin

Open Distro for Elasticsearch Alerting

The Open Distro for Elasticsearch Alerting enables you to monitor your data and send alert notifications automatically to your stakeholders. With an intuitive Kibana interface and a powerful API, it is easy to set up, manage, and monitor your alerts. Craft highly specific alert conditions using Elasticsearch's full query language and scripting capabilities.

Highlights

Scheduled searches use cron expressions or intervals (e.g. every five minutes) and the Elasticsearch query DSL.

To define trigger conditions, use the Painless scripting language or simple thresholds (e.g. count > 100).

When trigger conditions are met, you can publish messages to the following destinations:

Messages can be static strings, or you can use the Mustache templates to include contextual information.
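
An added example (not code from the project's repository) of one monitor that combines the four highlights above: a five-minute interval schedule, a query DSL search, a Painless threshold trigger and Mustache templates in the message. The index pattern, field names, monitor and trigger names and the destination ID are constructed placeholders; the body is sent to the plugin's `_opendistro/_alerting/monitors` endpoint only when `ES_URL` is set.

```shell
# Added example, not from the project: one monitor body covering the highlights.
# Index pattern, field names, monitor/trigger names and destination_id are constructed.
monitor_body() {
cat <<'EOF'
{
  "type": "monitor",
  "name": "failed-logins-5m",
  "enabled": true,
  "schedule": { "period": { "interval": 5, "unit": "MINUTES" } },
  "inputs": [{ "search": {
    "indices": ["auth-logs-*"],
    "query": {
      "size": 0,
      "query": { "bool": { "filter": [
        { "term": { "event.outcome": "failure" } },
        { "range": { "@timestamp": {
          "gte": "{{period_end}}||-5m", "lte": "{{period_end}}",
          "format": "epoch_millis" } } }
      ] } }
    }
  } }],
  "triggers": [{
    "name": "more-than-100-failures",
    "severity": "1",
    "condition": { "script": {
      "lang": "painless",
      "source": "ctx.results[0].hits.total.value > 100" } },
    "actions": [{
      "name": "notify-on-call",
      "destination_id": "REPLACE_WITH_DESTINATION_ID",
      "subject_template": { "source": "{{ctx.monitor.name}}: {{ctx.trigger.name}}" },
      "message_template": { "source":
        "{{ctx.results.0.hits.total.value}} failed logins between {{ctx.periodStart}} and {{ctx.periodEnd}}" }
    }]
  }]
}
EOF
}

# Submit only when ES_URL points at a cluster with the alerting plugin installed.
# Authentication and TLS options are omitted; add them as your cluster requires.
if [ -n "${ES_URL:-}" ]; then
  monitor_body | curl -sS -X POST "$ES_URL/_opendistro/_alerting/monitors" \
    -H 'Content-Type: application/json' --data-binary @-
fi
```

The trigger fires when the search matches more than 100 documents in the window, and the Mustache variables are filled in from the run's context when the action message is rendered.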

Documentation

Please see our documentation.

Setup

  1. Check out this package from version control.
  2. Launch IntelliJ IDEA, choose Import Project, and select the settings.gradle file in the root of this package.
  3. To build from the command line, set JAVA_HOME to point to a JDK >= 14 before running ./gradlew.

Build

This package is organized into subprojects, most of which contribute JARs to the top-level plugin in the alerting subproject.

All subprojects in this package use the Gradle build system. Gradle comes with excellent documentation that should be your first stop when trying to figure out how to operate or modify the build.

However, to build the alerting plugin subproject, we also use the Elastic build tools for Gradle. These tools are idiosyncratic and don't always follow the conventions and instructions for building regular Java code using Gradle. Not everything in alerting will work the way it's described in the Gradle documentation. If you encounter such a situation, the Elastic build tools source code is your best bet for figuring out what's going on.

Building from the command line

  1. ./gradlew build builds and tests all subprojects.
  2. ./gradlew :alerting:run launches a single node cluster with the alerting plugin installed.
  3. ./gradlew :alerting:run -PnumNodes=3 launches a multi-node cluster with the alerting plugin installed.
  4. ./gradlew :alerting:integTest launches a single node cluster with the alerting plugin installed and runs all integ tests.
  5. ./gradlew :alerting:integTest -PnumNodes=3 launches a multi-node cluster with the alerting plugin installed and runs all integ tests.
  6. ./gradlew :alerting:integTest -Dtests.class="*MonitorRunnerIT" runs a single integ test class.
  7. ./gradlew :alerting:integTest -Dtests.method="test execute monitor with dryrun" runs a single integ test method (remember to quote the test method name if it contains spaces).

When launching a cluster using one of the above commands, logs are placed in alerting/build/testclusters/integTest-0/logs/. Though the logs are teed to the console, in practice it's best to check the actual log file.

Run integration tests with Security enabled

  1. Set up a local ODFE cluster with the security plugin.

    • ./gradlew :alerting:integTestRunner -Dtests.rest.cluster=localhost:9200 -Dtests.cluster=localhost:9200 -Dtests.clustername=es-integrationtest -Dhttps=true -Dsecurity=true -Duser=admin -Dpassword=admin

    • ./gradlew :alerting:integTestRunner -Dtests.rest.cluster=localhost:9200 -Dtests.cluster=localhost:9200 -Dtests.clustername=es-integrationtest -Dhttps=true -Dsecurity=true -Duser=admin -Dpassword=admin --tests "com.amazon.opendistroforelasticsearch.alerting.MonitorRunnerIT.test execute monitor returns search result"

Debugging

Sometimes it's useful to attach a debugger to either the Elasticsearch cluster or the integ tests to see what's going on. When running unit tests, hit Debug from the IDE's gutter to debug the tests. You must start your debugger listening for a remote JVM before running the commands below.

To debug code running in an actual server, run:

./gradlew :alerting:integTest -Dcluster.debug # to start a cluster and run integ tests

OR

./gradlew :alerting:run --debug-jvm # to just start a cluster that can be debugged

The Elasticsearch server JVM will launch suspended and wait for a debugger to attach to localhost:5005 before starting the Elasticsearch server. The IDE needs to listen for the remote JVM. If you are using IntelliJ, set your debug configuration to "Listen to remote JVM" and make sure "Auto Restart" is checked. You must start your debugger listening for the remote JVM before running the commands.

To debug code running in an integ test (which exercises the server from a separate JVM), run:

./gradlew :alerting:integTest -Dtest.debug 

The test runner JVM will start suspended and wait for a debugger to attach to localhost:8000 before running the tests.

Additionally, it is possible to attach one debugger to the cluster JVM and another debugger to the test runner. First, make sure one debugger is listening on port 5005 and the other is listening on port 8000. Then, run:

./gradlew :alerting:integTest -Dtest.debug -Dcluster.debug

Advanced: Launching multi-node clusters locally

Sometimes you need to launch a cluster with more than one Elasticsearch server process.

You can do this by running ./gradlew :alerting:run -PnumNodes=<numberOfNodesYouWant>

You can also run the integration tests against a multi-node cluster by running ./gradlew :alerting:integTest -PnumNodes=<numberOfNodesYouWant>

You can also debug a multi-node cluster by combining the multi-node and debug steps above. However, you must set up debugger configurations to listen on each port, starting from 5005 and increasing by 1 for each node.

Code of Conduct

This project has adopted an Open Source Code of Conduct.

Security issue notifications

If you discover a potential security issue in this project, we ask that you notify AWS/Amazon Security via our vulnerability reporting page. Please do not create a public GitHub issue.

Licensing

See the LICENSE file for our project's licensing. We will ask you to confirm the licensing of your contribution.

Copyright

Copyright 2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.
