L3rt
Simple alerting application. It was inspired by elastalert and Jenkins pipelines. The goal is to provide users with more sophisticated rule system.
Why l3rt?
- Zero-dependency. No additional database required.
- Infrastructure-as-code friendly. Manage your rules as regular files
- Infinite flexibility in rule configuration
- Built-in web UI playground
Request a feature
Currently, l3rt supports the following sources as an input:
- ElasticSearch
- AWS ElasticSearch
Supported outputs:
- Hipchat
- Slack
- Jira
- Missing yours? Add a feature request or submit a pull request
Supported rules:
- ElasticSearch: queryString rule - returns messages matched by a query string
- ElasticSearch: query rule - free-form rule that is fully managed by ElasticSearch's
searchquery - ElasticSearch: count rule - returns number of events occurred for the given period of time (or multiple periods)
- Missing yours? Add a feature request or submit a pull request
UI
You can use a web UI to create and debug your rules. Just start L3rt and go to http://localhost:8080/
How to use
Create a config file where you need to specify common configuration for all your rules:
{
"sources": [
{"url": "elasticSearch:http://localhost:9200"}
],
"targetSettings": {
"mailServer": {
"host": "smtp.gmail.com",
"port": "465",
"auth": true,
"username": "[email protected]",
"password": "password"
}
}
}You can find more info about config here.
Create your rule. All rules are groovy based DSLs, so you can use all power of groovy in your rules.
/opt/l3rt/rules/exampleRule.groovy
rule {
ruleName = "myTestRule"
params = [
index: "logstash-*",
queryString: "message:Error"
]
reaction { messages ->
messages.each {
if (it.data.message.contains("Critical")) {
email("[email protected]", "Error", it.data.message.toString())
hipchat("Room with logs", it.data.message.toString(), "RED", true)
} else {
hipchat("Room with logs", it.data.message.toString(), "YELLOW", true)
}
}
}
}Build & Launch
Development mode
You need:
- Java >=8
- Node ~v8.*.*
- Npm
- Launch
lert.Applicationas a plain java application with optional parameters:
-Dlogback.configurationFile=logback-dev.xml- dev logger config-Dconfig.file=~/l3rt/conf.json- specifies the config location-Drules=~/l3rt/rules/- specifies a folder with rules if this parameter hasn't been defined in the config
- Launch client side
cd ./clientnpm installnpm run dev- Go to http://localhost:8888
Manually
-
Build
./gradlew application:jar -
Run
java -Dconfig.file=/l3rt/config/config.json -Drules=/l3rt/rules/ -jar ./application/build/libs/l3rt-1.6.0.jar
NOTE: l3rt requires >= Java 8 and Docker
Via Docker
Create your config file ~/conf.json on your local machine. Then start it as follows:
docker run -it -v ~/conf.json:/l3rt/config/config.json -p 8080:8080 dimafeng/l3rt:1.6.0
Optionally you can specify location of your rules -v ~/rules:/l3rt/rules.
Go to http://localhost:8080 and play with L3rt!
Versions
- 1.6.0 - Release Notes
- 0.1.5 - First public version
Contributions
This project is in heavy development stage so all contributions are appreciated.
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent