Simple alerting application. It was inspired by elastalert and Jenkins pipelines. The goal is to provide users with more sophisticated rule system.
- Zero-dependency. No additional database required.
- Infrastructure-as-code friendly. Manage your rules as regular files
- Infinite flexibility in rule configuration
- Built-in web UI playground
Currently, l3rt supports the following sources as an input:
- ElasticSearch
- AWS ElasticSearch
Supported outputs:
- Hipchat
- Slack
- Jira
- Missing yours? Add a feature request or submit a pull request
Supported rules:
- ElasticSearch: queryString rule - returns messages matched by a query string
- ElasticSearch: query rule - free-form rule that is fully managed by ElasticSearch's
search
query - ElasticSearch: count rule - returns number of events occurred for the given period of time (or multiple periods)
- Missing yours? Add a feature request or submit a pull request
You can use a web UI to create and debug your rules. Just start L3rt and go to http://localhost:8080/
Create a config file where you need to specify common configuration for all your rules:
{
"sources": [
{"url": "elasticSearch:http://localhost:9200"}
],
"targetSettings": {
"mailServer": {
"host": "smtp.gmail.com",
"port": "465",
"auth": true,
"username": "[email protected]",
"password": "password"
}
}
}
You can find more info about config here.
Create your rule. All rules are groovy based DSLs, so you can use all power of groovy in your rules.
/opt/l3rt/rules/exampleRule.groovy
rule {
ruleName = "myTestRule"
params = [
index: "logstash-*",
queryString: "message:Error"
]
reaction { messages ->
messages.each {
if (it.data.message.contains("Critical")) {
email("[email protected]", "Error", it.data.message.toString())
hipchat("Room with logs", it.data.message.toString(), "RED", true)
} else {
hipchat("Room with logs", it.data.message.toString(), "YELLOW", true)
}
}
}
}
You need:
- Java >=8
- Node ~v8.*.*
- Npm
- Launch
lert.Application
as a plain java application with optional parameters:
-Dlogback.configurationFile=logback-dev.xml
- dev logger config-Dconfig.file=~/l3rt/conf.json
- specifies the config location-Drules=~/l3rt/rules/
- specifies a folder with rules if this parameter hasn't been defined in the config
- Launch client side
cd ./client
npm install
npm run dev
- Go to http://localhost:8888
-
Build
./gradlew application:jar
-
Run
java -Dconfig.file=/l3rt/config/config.json -Drules=/l3rt/rules/ -jar ./application/build/libs/l3rt-1.6.0.jar
NOTE: l3rt requires >= Java 8 and Docker
Create your config file ~/conf.json
on your local machine. Then start it as follows:
docker run -it -v ~/conf.json:/l3rt/config/config.json -p 8080:8080 dimafeng/l3rt:1.6.0
Optionally you can specify location of your rules -v ~/rules:/l3rt/rules
.
Go to http://localhost:8080 and play with L3rt!
- 1.6.0 - Release Notes
- 0.1.5 - First public version
This project is in heavy development stage so all contributions are appreciated.