I'm using elastalert from within a NIDS solution called SecurityOnion. I have got elastalert to set up email alerts when we get hit with certain network attacks and it works great.
I know this sounds strange, but I've been asked to get 3 duplicate email alerts (one per minute) for certain events. (It's a long story as to why I want to do that.)
So I figured I could get the alert info dumped into a text file and use a simple bash script to email that to me in a for loop, with a delay to get the same email in the fashion I listed above.
The problem is that I can't get the command alert to work. I just want to run a command called "/usr/local/bin/email-alert.sh".
If I state it like:

```yaml
alert:
  command: ["/usr/local/bin/command-alert.sh"]
```
I get:
Error while running alert command: Error while running command /usr/local/bin/so-alerts.sh: [Errno 2] No such file or directory: '/usr/local/bin/command-alerts.sh'
If I don't specify the full path, I get the same error.
If I omit the brackets, the elastalert.log will say it executed successfully, but the script doesn't appear to run. (If I run the script manually, I get the desired results.)
The script's permissions are root:root 755, so it should be executable by elastalert (the user that elastalert runs as). Any other ideas? I tried simple things like inserting "touch /tmp/test.txt" into the script to see if it's running, but nothing seems to happen.
Thanks in advance.
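The post above hinges on the difference between writing `command` as a YAML list and as a bare string, and on an `[Errno 2]` raised against a script that does exist. The following is an added example, not ElastAlert's own code and not from the issue author: it mimics the two invocation styles with `subprocess` (a list runs without a shell, a string goes through `/bin/sh -c`; the `%(field)s` interpolation is a simplification of ElastAlert's match formatting and is an assumption), shows why the string form also lets a match field inject extra shell commands, and adds a preflight check for the usual reasons `execve` rejects a script that is `755`: a shebang pointing at a missing interpreter, CRLF line endings on the shebang (the kernel then looks for an interpreter whose name ends in `\r`, and Python reports it as `No such file or directory` against the script), or no execute bit. All paths and scripts below are constructed for the example.

```python
"""Added example (not ElastAlert's code): list-form vs string-form alert
commands, shell injection through interpolated match fields, and a preflight
check for a script that raises [Errno 2] even though it exists."""
import os
import subprocess
import tempfile

# Constructed sample match: the second field is shaped like attacker-controlled
# log data that a rule might interpolate into the command.
SAMPLE_MATCH = {
    "@timestamp": "2024-01-01T00:00:00Z",
    "src_ip": "10.0.0.1; echo INJECTED",
}

# Constructed scripts: body and file mode.  Only good.sh is actually runnable.
SAMPLE_SCRIPTS = {
    "good.sh": (b"#!/bin/sh\necho ok\n", 0o755),
    "crlf.sh": (b"#!/bin/sh\r\necho ok\r\n", 0o755),          # DOS line endings
    "nointerp.sh": (b"#!/opt/missing/interp\necho ok\n", 0o755),  # hypothetical path
    "noexec.sh": (b"#!/bin/sh\necho ok\n", 0o644),              # no execute bit
}


def run_alert_command(command, match):
    """Run an alert command the two ways a YAML `command` value can be written.

    A list is executed directly: argv[0] must resolve to a real executable and
    every interpolated field lands in exactly one argument.  A plain string is
    handed to `/bin/sh -c`, so word splitting, redirection and `;` are honoured.
    Returns (exit_code, stdout, error); error is the exception class name when
    the process could not even be started (exit_code is then None).
    """
    if isinstance(command, str):
        argv, use_shell = command % match, True        # old-style %(field)s formatting (assumption)
    else:
        argv, use_shell = [arg % match for arg in command], False
    try:
        proc = subprocess.run(argv, shell=use_shell, capture_output=True, text=True)
    except OSError as exc:       # FileNotFoundError ([Errno 2]) or PermissionError ([Errno 13])
        return None, "", type(exc).__name__
    return proc.returncode, proc.stdout, None


def explain_exec_failure(path):
    """Return the reasons `path` would fail to exec; an empty list means it looks runnable."""
    problems = []
    if not os.path.isfile(path):
        return [f"{path}: no such file"]
    if not os.access(path, os.X_OK):
        problems.append(f"{path}: not executable by uid {os.getuid()}")
    with open(path, "rb") as fh:
        first = fh.readline()
    if first.startswith(b"#!"):
        words = first[2:].split()        # bytes.split() treats \r as whitespace
        interp = words[0].decode() if words else ""
        if first.endswith(b"\r\n"):
            problems.append("shebang has CRLF ending; kernel will look for an interpreter ending in '\\r'")
        if not interp or not os.path.isfile(interp):
            problems.append(f"shebang interpreter {interp!r} does not exist (execve reports ENOENT against the script)")
    return problems


def demo_preflight():
    """Write the constructed scripts to a temp dir, preflight each, then try to run it."""
    results = {}
    workdir = tempfile.mkdtemp()
    for name, (body, mode) in SAMPLE_SCRIPTS.items():
        path = os.path.join(workdir, name)
        with open(path, "wb") as fh:
            fh.write(body)
        os.chmod(path, mode)
        exit_code, _, error = run_alert_command([path], {})
        results[name] = {"problems": explain_exec_failure(path), "exit": exit_code, "error": error}
    return results


if __name__ == "__main__":
    # List form: a missing argv[0] is a hard error before anything runs.
    print(run_alert_command(["/usr/local/bin/does-not-exist.sh"], SAMPLE_MATCH))
    # String form: the shell runs, reports "not found" only via exit status 127.
    print(run_alert_command("/usr/local/bin/does-not-exist.sh", SAMPLE_MATCH))
    # List form keeps the hostile field as one literal argument ...
    print(run_alert_command(["echo", "%(src_ip)s"], SAMPLE_MATCH))
    # ... while the string form lets the shell interpret the ';'.
    print(run_alert_command("echo %(src_ip)s", SAMPLE_MATCH))
    for name, result in demo_preflight().items():
        print(name, result)
```

The practical upshot for a `command` alert: prefer the list form, keep every match field in its own element so log data can never become shell syntax, and when a list-form command on an existing `755` script still raises `[Errno 2]`, check the shebang line (`head -c 64 script | od -c` shows a stray `\r`) before suspecting permissions. With the string form the alerter only learns about a failure through the exit status, so the caller has to check it.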