Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

[beginner ] new_term rule

See original GitHub issue

Hello,

I’m new to elastalert, i’m getting logs from twitter, i try to get all the new values from “place.country_code” field, my rule conf contains:

type: new_term
index: twitter
fields:
 - place.country_code
terms_window_size:
  days: 90
use_terms_query: true
doc_type: logs
query_key: "place.country_code"
filter: []

but when i run my logstash and elastalert, i’m getting alerts from place.country_code values that i already get, it’s like it ignores the terms_window_size. (if I let the two run it works and alerts only on new values).

Issue Analytics

  • State:closed
  • Created 7 years ago
  • Comments:5 (2 by maintainers)

github_iconTop GitHub Comments

1reaction
q2dgcommented, Jan 15, 2019

Well, I think issues like this, after more than two years, could be closed. It’s necessary a cleanup.

0reactions
Qmandocommented, Jan 16, 2019

I’ve been meaning to do another old issue purge…

Read more comments on GitHub >

github_iconTop Results From Across the Web

[Question] Setting NewTerm as default shell script handler
I was wondering if there was an easy way to automatically run all .sh scripts in NewTerm or a comparable terminal? Essentially, I...
Read more >
A beginner's guide to kerning like a designer - Canva
As a general rule of thumb, you can get away with tighter kerning at larger sizes, but letters can look closer together at...
Read more >
CITI Training: Revised Common Rule Flashcards - Quizlet
The Final Rule added the requirement that: Key information essential to decision making receive priority by appearing at the beginning of the consent...
Read more >
Recursive Rule Formulas & Examples | Geometric, Arithmetic ...
This formula means "start at 100, and subtract 5 for each new term." If we want to calculate the 4th term of this...
Read more >
As Supreme Court Starts New Term, Some Cases to Watch
Wade and rule that the Second Amendment protects citizens' right to carry a gun outside their home, a new slate of cases before...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Elastalert does not match any document + es_debug_trace logs have incorrect info

Next page

Request: Better example of how to use negation with query_string