This role:
- installs ElastAlert on Ubuntu, CentOS
- copies a prepared configuration file (log path, Elasticsearch connection, etc.)
- Prepare server (add Elastic repo)
- [Optional] Create folder(s) for custom paths
- Install ElastAlert
- Copy configuration file
- Minimum Ansible version for installation: 2.9
- AEM node version 7.5 with Jolokia agent: https://github.com/lean-delivery/ansible-role-aem-node
- Minimum Elastic Stack version: 7.5
- Metricbeat: https://github.com/MaxKavun/ansible-role-metricbeats
- Supported OS:
  - CentOS
    - 7, 8
  - Ubuntu
    - 16.04, 18.04
  - Debian
    - 8, 9
You can override any variable below by setting "variable: value" in the playbook.
- `es_host`: Elasticsearch host address. By default localhost
- `es_port`: Elasticsearch port. By default 9200
- `run_every`: How often ElastAlert will query Elasticsearch. By default 5 minutes
- `buffer_time`: Size of the query window, stretching backwards from the time each query is run. By default 5 minutes
- `writeback_index`: Index where all rules will be stored
- `main_folder`: Default folder where config will be stored. By default /opt/elastalert
- `rules_folder`: Default folder where rules will be stored. Default is /opt/elastalert/rules
- `temp_folder`: Default folder where repo will be placed. By default it is /tmp/elastalert
Nothing
```yaml
- name: Install AEM monitoring
  hosts: all
  roles:
    - role: ansible-role-aem-monitoring
  vars:
    es_host: localhost
    es_port: 9200
    run_every:
      minutes: 10
    buffer_time:
      hours: 1
```
```yaml
- name: Install AEM monitoring
  hosts: all
  roles:
    - role: ansible-role-aem-monitoring
  vars:
    es_host: localhost
    es_port: 9200
    run_every:
      minutes: 10
    buffer_time:
      hours: 1
    rules_config:
      rule1:
        name: Example rule
        type: change
        index: metricbeat-*
        compare_key: jolokia.jolokia_metrics.query.healthcheck.status
        ignore_null: true
        query_key: cloud.instance.id
        timeframe:
          minutes: 10
        filter:
          - query:
              - query_string:
                  query: "jolokia.jolokia_metrics.memory.heap_usage.committed>1"
        alert: sns
        alert_subject: "Queue was broken"
        alert_text: "AEM queue was broken"
        sns_topic_arn: Your arn of your topic
        aws_access_key: access key
        aws_secret_key: secret key
        aws_region: your region
```
```yaml
- name: Install AEM monitoring
  hosts: all
  roles:
    - role: ansible-role-aem-monitoring
  vars:
    es_host: localhost
    es_port: 9200
    run_every:
      minutes: 10
    buffer_time:
      hours: 1
    rules_config:
      rule1:
        name: example_rule_1
        type: frequency
        num_events: 2
        index: metricbeat-*
        timeframe:
          minutes: 30
        filter:
          - query:
              - query_string:
                  query: "system.cpu.idle.pct: <0.3"
        alert: command
        command: ["/bin/send_alert", "--username", "{match[username]}"]
      rule2:
        name: example_rule_2
        type: frequency
        num_events: 2
        index: metricbeat-*
        timeframe:
          minutes: 30
        filter:
          - query:
              - query_string:
                  query: "system.cpu.idle.pct: <0.5"
        alert: command
        command: ["/bin/send_alert", "--username", "{match[username]}"]
```
Apache
authors:
- Lean Delivery Team team@lean-delivery.com