forked from PeoplePerHour/elastalert-docker
start-elastalert.sh
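#!/bin/sh
set -e

# Populate /opt/rules from S3 when no rules were mounted into the container.
# An empty directory selects "fetch" mode; anything already present is used
# untouched. If /opt/rules does not exist, ls fails and set -e aborts here.
d=$(ls -A /opt/rules)
if [ -z "$d" ]; then
  echo "Empty rules fetching from s3";
  # Stop with a clear message rather than syncing from the malformed "s3:///".
  : "${S3_BUCKET:?S3_BUCKET must be set when /opt/rules is empty}"
  aws s3 sync "s3://${S3_BUCKET}/" /opt/rules

  # Render every downloaded rule: the original is kept as NAME.tpl and the
  # substituted text is written back under the original name.
  #
  # SECURITY: envsubst runs without a variable list, so *every* $VAR / ${VAR}
  # reference in a rule is replaced with the value from this container's
  # environment (unset names become empty). Whoever can write to the bucket
  # can therefore get any environment value, including credentials passed as
  # env vars, rendered into a rule file and from there into alert output.
  # Restrict bucket write access, and prefer an explicit list such as
  #   envsubst '$VAR_A $VAR_B'      (placeholder names)
  # once the set of variables the rules need is known.
  #
  # A glob is used instead of parsing ls so names with spaces survive; the
  # -f test skips the literal pattern (nothing synced) and any directories
  # that the recursive sync created.
  for rule in /opt/rules/*; do
    [ -f "$rule" ] || continue
    i=${rule##*/}
    echo "moving $i";
    newname="${rule}.tpl"
    mv "$rule" "$newname"
    envsubst < "$newname" > "$rule"
  done
else
  echo "Local mode with mounded rules";
fi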
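# Wait until Elasticsearch is online since otherwise Elastalert will fail.
#
# The response body goes to /dev/null instead of a scratch file in the current
# directory, so the probe also works when the working directory is read-only
# and never deletes an unrelated file that happens to share the name.
#
# NOTE(review): the URL has no scheme, so wget speaks plain HTTP and sends no
# credentials. wget also exits non-zero on HTTP error statuses, so a cluster
# that demands authentication would keep this loop spinning. The loop has no
# upper bound; it relies on the orchestrator to stop a container that never
# gets past this point.
while ! wget -O /dev/null "${ELASTICSEARCH_HOST}:${ELASTICSEARCH_PORT}" 2>/dev/null
do
  echo "Waiting for ${ELASTICSEARCH_HOST} Elasticsearch..."
  sleep 1
done
# One extra second of settling time after the first successful response.
sleep 1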
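# Check if the Elastalert index exists in Elasticsearch and create it if it does not.
#
# The existence probe is a plain GET on /elastalert_status with the body
# discarded. Any wget failure, not only a missing index, takes the "create"
# branch, so an error response from the cluster is treated as "absent".
#
# SECURITY: --no-auth and --no-ssl are hard-coded, so the index is created over
# unauthenticated, unencrypted HTTP. That only works against a cluster with
# security features disabled, and everything sent crosses the network in clear
# text. Keep such a cluster on an isolated network, or make these two flags
# configurable before pointing this image at a secured Elasticsearch.
if ! wget -O /dev/null "${ELASTICSEARCH_HOST}:${ELASTICSEARCH_PORT}/elastalert_status" 2>/dev/null
then
  echo "Creating Elastalert ${ELASTICSEARCH_HOST} index in Elasticsearch..."
  # Host and port are quoted so a value containing whitespace cannot be split
  # into extra command-line arguments.
  elastalert-create-index --host "$ELASTICSEARCH_HOST" \
    --port "$ELASTICSEARCH_PORT" \
    --no-auth \
    --no-ssl \
    --url-prefix "" \
    --index elastalert_status \
    --old-index ""
else
  echo "Elastalert index already exists in Elasticsearch."
fi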
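# Render the main Elastalert config: the shipped config.yaml becomes the
# template (config.tpl.yaml) and the substituted result is written back as
# config.yaml.
#
# SECURITY: envsubst expands every environment variable referenced in the
# template, so the rendered config.yaml holds any secrets injected that way in
# plain text. Keep /opt/config readable only by the account that runs
# Elastalert.
#
# NOTE(review): the mv is unconditional, so when the script runs again on the
# same filesystem the saved template is overwritten by the already-rendered
# file.
mv /opt/config/config.yaml /opt/config/config.tpl.yaml
envsubst < /opt/config/config.tpl.yaml > /opt/config/config.yaml

echo "Starting Elastalert..."
# Without this guard an unset variable would make supervisord take "-n" as the
# config path and fail with a misleading error.
: "${ELASTALERT_SUPERVISOR_CONF:?ELASTALERT_SUPERVISOR_CONF must be set}"
# exec replaces this shell, so supervisord (kept in the foreground by -n)
# receives signals directly instead of through a wrapper process.
exec supervisord -c "${ELASTALERT_SUPERVISOR_CONF}" -n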