Какой тег образа bitsensor/elastalert подходит для стека ELK 7.2.0 в Docker?

Я установил и запустил стек ELK версии 7.2.0 через docker-compose и создал новый сервис для elastalert на основе образа bitsensor/elastalert:latest. Судя по ошибкам, которые я получаю, я думаю, что версия ELK несовместима с тегом elastalert:latest, потому что когда я использовал тег snapshot, эти ошибки исчезали. Знаете ли вы, есть ли другие теги или версии этого образа, или мне следует понизить версию ELK?

  • С тегом "latest": я получил ошибки, которые привожу ниже.
  • С тегом "snapshot": сначала elastalert частично работал, но затем контейнер filebeat стал отображаться как elastalert (странно)

Вот ошибки, которые я получаю:

elastalert_1     | 12:50:17.077Z ERROR elastalert-server:
elastalert_1     |     ProcessController:  WARNING:elasticsearch:GET http://elasticsearch:9200/ [status:N/A request:0.002s]
elastalert_1     |     Traceback (most recent call last):
elastalert_1     |       File "/usr/lib/python2.7/site-packages/elasticsearch-7.0.1-py2.7.egg/elasticsearch/connection/http_requests.py", line 111, in perform_request
elastalert_1     |         response = self.session.send(prepared_request, **send_kwargs)
elastalert_1     |       File "/usr/lib/python2.7/site-packages/requests-2.21.0-py2.7.egg/requests/sessions.py", line 646, in send
elastalert_1     |         r = adapter.send(request, **kwargs)
elastalert_1     |       File "/usr/lib/python2.7/site-packages/requests-2.21.0-py2.7.egg/requests/adapters.py", line 516, in send
elastalert_1     |         raise ConnectionError(e, request=request)
elastalert_1     |     ConnectionError: HTTPConnectionPool(host='elasticsearch', port=9200): Max retries exceeded with url: / (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7f46e3210a90>: Failed to establish a new connection: [Errno 111] Connection refused',))



 12:50:24.099Z ERROR elastalert-server:
elastalert_1     |     ProcessController:  Traceback (most recent call last):
elastalert_1     |       File "/usr/lib/python2.7/runpy.py", line 174, in _run_module_as_main
elastalert_1     |     
elastalert_1     | 12:50:24.099Z ERROR elastalert-server:
elastalert_1     |     ProcessController:      "__main__", fname, loader, pkg_name)
elastalert_1     |       File "/usr/lib/python2.7/runpy.py", line 72, in _run_code
elastalert_1     |         exec code in run_globals
elastalert_1     |       File "/opt/elastalert/elastalert/elastalert.py", line 1929, in <module>
elastalert_1     |     
elastalert_1     | 12:50:24.100Z ERROR elastalert-server:
elastalert_1     |     ProcessController:      sys.exit(main(sys.argv[1:]))
elastalert_1     |       File "/opt/elastalert/elastalert/elastalert.py", line 1925, in main
elastalert_1     |     
elastalert_1     | 12:50:24.100Z ERROR elastalert-server: ProcessController:      
elastalert_1     | 12:50:24.100Z ERROR elastalert-server:
elastalert_1     |     ProcessController:  client.start()
elastalert_1     |     
elastalert_1     | 12:50:24.100Z ERROR elastalert-server:
elastalert_1     |     ProcessController:    File "/opt/elastalert/elastalert/elastalert.py", line 1106, in start
elastalert_1     |     
elastalert_1     | 12:50:24.101Z ERROR elastalert-server: ProcessController:      
elastalert_1     | 12:50:24.101Z ERROR elastalert-server:
elastalert_1     |     ProcessController:  self.run_all_rules()
elastalert_1     |     
elastalert_1     | 12:50:24.101Z ERROR elastalert-server:
elastalert_1     |     ProcessController:    File "/opt/elastalert/elastalert/elastalert.py", line 1158, in run_all_rules
elastalert_1     |     
elastalert_1     | 12:50:24.101Z ERROR elastalert-server: ProcessController:      
elastalert_1     | 12:50:24.101Z ERROR elastalert-server:
elastalert_1     |     ProcessController:  self.send_pending_alerts()
elastalert_1     |     
elastalert_1     | 12:50:24.101Z ERROR elastalert-server:
elastalert_1     |     ProcessController:    File "/opt/elastalert/elastalert/elastalert.py", line 1534, in send_pending_alerts
elastalert_1     |     
elastalert_1     | 12:50:24.102Z ERROR elastalert-server: ProcessController:      
elastalert_1     | 12:50:24.102Z ERROR elastalert-server:
elastalert_1     |     ProcessController:  pending_alerts = self.find_recent_pending_alerts(self.alert_time_limit)
elastalert_1     |     
elastalert_1     | 12:50:24.102Z ERROR elastalert-server:
elastalert_1     |     ProcessController:    File "/opt/elastalert/elastalert/elastalert.py", line 1526, in find_recent_pending_alerts
elastalert_1     |     
elastalert_1     | 12:50:24.103Z ERROR elastalert-server: ProcessController:      
elastalert_1     | 12:50:24.103Z ERROR elastalert-server:
elastalert_1     |     ProcessController:  size=1000)
elastalert_1     |     
elastalert_1     | 12:50:24.103Z ERROR elastalert-server:
elastalert_1     |     ProcessController:    File "/usr/lib/python2.7/site-packages/elasticsearch-7.0.1-py2.7.egg/elasticsearch/client/utils.py", line 84, in _wrapped
elastalert_1     |     
elastalert_1     | 12:50:24.103Z ERROR elastalert-server: ProcessController:      
elastalert_1     | 12:50:24.103Z ERROR elastalert-server:
elastalert_1     |     ProcessController:  return func(*args, params=params, **kwargs)
elastalert_1     |     
elastalert_1     | 12:50:24.103Z ERROR elastalert-server: ProcessController:  TypeError
elastalert_1     | 12:50:24.103Z ERROR elastalert-server: ProcessController:  : 
elastalert_1     | 12:50:24.104Z ERROR elastalert-server: ProcessController:  search() got an unexpected keyword argument 'doc_type'
elastalert_1     | 12:50:24.104Z ERROR elastalert-server:
elastalert_1     |     ProcessController:  
elastalert_1     |     
elastalert_1     | 12:50:24.159Z ERROR elastalert-server: ProcessController:  ElastAlert exited with code 1
elastalert_1     | 12:50:24.159Z  INFO elastalert-server: Server:  Stopping server
elastalert_1     | 12:50:24.160Z  INFO elastalert-server: ProcessController:  ElastAlert is not running
elastalert_1     | 12:50:24.169Z  INFO elastalert-server: Server:  Server stopped. Bye!

и это файл docker-compose:

version: '2'

services:

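  # Elasticsearch node; the image is built from ./elasticsearch with the stack
  # version passed in through ELK_VERSION.
  elasticsearch:
    build:
      context: elasticsearch/
      args:
        ELK_VERSION: $ELK_VERSION
    volumes:
      - ./elasticsearch/config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml:ro
    ports:
      # Published on every host interface. Containers on the elk network reach
      # the node by service name without these mappings; if only tools on the
      # Docker host need 9200/9300, bind them to loopback instead
      # (for example "127.0.0.1:9200:9200").
      - "9200:9200"
      - "9300:9300"
    environment:
      ES_JAVA_OPTS: "-Xmx256m -Xms256m"
      # Read from the shell environment or a .env file at run time so the
      # credential is not stored in the compose file. Any password that was
      # ever committed or posted together with this file should be treated as
      # exposed and rotated.
      ELASTIC_PASSWORD: "${ELASTIC_PASSWORD}"
    networks:
      - elk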

  # Logstash node; the image is built from ./logstash against the stack
  # version in ELK_VERSION and is started after the elasticsearch container.
  logstash:
    build:
      context: logstash/
      args:
        ELK_VERSION: ${ELK_VERSION}
    depends_on:
      - elasticsearch
    networks:
      - elk
    environment:
      LS_JAVA_OPTS: '-Xmx256m -Xms256m'
    # Settings file and pipeline directory are mounted read-only from the host.
    volumes:
      - ./logstash/config/logstash.yml:/usr/share/logstash/config/logstash.yml:ro
      - ./logstash/pipeline:/usr/share/logstash/pipeline:ro
    # Both ports are published on every host interface. 9600 is the default
    # port of the Logstash monitoring API.
    # NOTE(review): 5000 is presumably an input defined under
    # ./logstash/pipeline - confirm, and restrict who can reach it.
    ports:
      - '5000:5000'
      - '9600:9600'

  # Kibana UI; the image is built from ./kibana against the stack version in
  # ELK_VERSION and is started after the elasticsearch container.
  kibana:
    build:
      context: kibana/
      args:
        ELK_VERSION: ${ELK_VERSION}
    depends_on:
      - elasticsearch
    networks:
      - elk
    # kibana.yml is mounted read-only from the host.
    volumes:
      - ./kibana/config/kibana.yml:/usr/share/kibana/config/kibana.yml:ro
    # The UI port is published on every host interface.
    ports:
      - '5601:5601'

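  # Log shipper built from ./nginx-filebeat; started after logstash and
  # restarted by Docker when it exits with an error.
  filebeat:
    build:
      context: nginx-filebeat
    volumes:
      # Docker's per-container log directory holds the output of every
      # container on the host; a shipper only needs to read it, so the mount
      # is read-only.
      - /var/lib/docker/containers:/var/lib/docker/containers:ro
      # NOTE(review): if the image only reads these application logs, add :ro
      # here as well - confirm nothing in nginx-filebeat writes to them.
      - /var/log/sophia:/var/log/sophia
      # NOTE(review): this path already lies inside the /var/log/sophia mount
      # above, so the entry looks redundant - confirm before removing.
      - /var/log/sophia/sonde:/var/log/sophia/sonde
    networks:
      - elk
    depends_on:
      - logstash
    restart: on-failure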

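  # ElastAlert server with its configuration, rules and SMTP settings mounted
  # from ./elastalert on the host.
  elastalert:
    # No tag is given, so Compose resolves this to bitsensor/elastalert:latest
    # and the running version changes whenever that tag moves. Pin a tag or
    # digest that has been verified against the Elasticsearch version in use,
    # e.g. bitsensor/elastalert:<TAG> (placeholder).
    image: bitsensor/elastalert
    volumes:
      - ./elastalert/config/elastalert.yaml:/opt/elastalert/config.yaml
      - ./elastalert/config/config.json:/opt/elastalert/config/config.json
      - ./elastalert/rules:/opt/elastalert/rules
      # Presumably the ElastAlert SMTP auth file (mail user and password); it
      # is only read, so it is mounted read-only. Keep the file itself out of
      # version control.
      - ./elastalert/smtp-auth.yml:/opt/elastalert/smtp-auth.yml:ro
    networks:
      - elk
    # Start after the elasticsearch container, as logstash and kibana do.
    # This only orders container start-up; it does not wait until port 9200
    # accepts connections, so early "Connection refused" retries can still
    # appear in the log.
    depends_on:
      - elasticsearch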

# User-defined bridge network that every service above attaches to; services
# reach each other on it by service name.
networks:
  elk:
    driver: bridge


0 ответов
