An alert wizard for configuring alert rules on Graylog.
It is well suited, for example, to configuring a stream, an alert condition and a logging alert notification together in a single step.
Required Graylog version: 3.0.x
Required Graylog plugins:
Wizard Plugin Version | Graylog Version | Logging Alert Plugin Version | Aggregation Count Plugin Version | Correlation Count Plugin Version |
---|---|---|---|---|
1.0.0 | 2.4.x | 1.0.x | 1.0.x | 1.0.x |
1.1.x | 2.5.x | 1.0.x | 1.0.x | 1.0.x |
2.0.x | 2.5.x | 1.1.x | 1.1.x | 1.1.x |
3.0.x | 3.0.x | 1.2.x | 1.2.x | 1.2.x |
3.1.x | 3.0.x | 1.2.x | 1.2.x | 1.2.x |
WARNING: The REST API for the Wizard Configuration has changed.
WARNING: With Wizard plugin in version 2.0.0 and higher you can't import alert rules that have been exported from version 1.X.X.
Upgrading notice:
- Import your alert rules from version 1.X.X
- Upgrade to version 2.0.0
- Export your alert rules in the new format
Download the plugin and place the `.jar` file in your Graylog plugin directory. The plugin directory is the `plugins/` folder relative to your `graylog-server` directory by default and can be configured in your `graylog.conf` file.

Restart `graylog-server` and you are done.
WARNING: The first time you create a rule with a list, the Wizard automatically creates a lookup with a cache and a data adapter. You must then manually set up the authorization key of the data adapter with your login:password in base64.
- The field "Name" should be filled with "Authorization".
- The field "Value" should be filled with "Basic" followed by "user:password" in base64, for example "Basic TXlVc2VyOk15UGFzc3dvcmQ=", where TXlVc2VyOk15UGFzc3dvcmQ= is the result of `echo -n 'MyUser:MyPassword' | base64` (the `-n` keeps the trailing newline out of the encoded credential).
- MyUser must be a user with admin rights.
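Added example, not part of the plugin or its documentation: a shell helper that builds the header value described above and checks one before it goes into the data adapter. The function names are hypothetical, `MyUser`/`MyPassword` are the placeholders used above, and a `base64` that accepts `-d` (GNU coreutils) is assumed.

```shell
#!/bin/sh
# Added example (not from the plugin): build and check the "Authorization"
# header value for the Wizard's lookup data adapter. Function names are
# hypothetical; MyUser/MyPassword are the README's placeholder credentials.
# Assumes a base64 tool that accepts -d for decoding (GNU coreutils).

# Print "Basic <base64(user:password)>" for user $1 and password $2.
basic_auth_value() {
    # printf '%s:%s' emits only the credential bytes. Plain `echo` appends a
    # newline, which base64 would encode as part of the password.
    printf 'Basic %s' "$(printf '%s:%s' "$1" "$2" | base64 | tr -d '\n')"
}

# Validate a header value before pasting it into the data adapter.
# Prints a diagnosis; returns 0 only when the value is well formed.
check_basic_auth_value() {
    case "$1" in
        "Basic "*) token=${1#Basic } ;;
        *) echo "missing 'Basic ' prefix"; return 1 ;;
    esac
    if ! printf '%s' "$token" | base64 -d >/dev/null 2>&1; then
        echo "token is not valid base64"; return 1
    fi
    # Count newlines in the decoded credential; any is a mistake.
    breaks=$(printf '%s' "$token" | base64 -d | wc -l)
    if [ "$breaks" -ne 0 ]; then
        echo "decoded credential contains a line break"; return 1
    fi
    decoded=$(printf '%s' "$token" | base64 -d)
    case "$decoded" in
        *:*) ;;
        *) echo "decoded credential has no user:password separator"; return 1 ;;
    esac
    # Split on the first colon only: a password may itself contain ':'.
    if [ -z "${decoded%%:*}" ] || [ -z "${decoded#*:}" ]; then
        echo "empty user or password"; return 1
    fi
    echo "ok"
}
```
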
This project is using Maven 3 and requires Java 8 or higher.
- Clone this repository.
- Run `mvn package` to build a JAR file.
- Optional: Run `mvn jdeb:jdeb` and `mvn rpm:rpm` to create a DEB and RPM package respectively.
- Copy the generated JAR file in the target directory to your Graylog plugin directory.
- Restart Graylog.
This plugin is released under version 3.0 of the GNU General Public License.