How to make cmd: python -m elastalert.elastalert --verbose --rule examples/rules/test_rule.yaml to run in background #3308

sandraimmaculate · 2025-01-15T11:48:01Z

Hello,
I have installed the elastalert2. I have created a rule to trigger an alert when the sudo command is executed

index: .ds-logs-auditd.log-default-*
type: any

filter:
- term:
    process.executable: "/usr/bin/sudo"

alert:
- "email"

email:
- "[email protected]"

smtp_host: smtphost
smtp_port: 8025
smtp_auth_file: smtp_auth.yaml

realert:
  minutes: 0

Whenever i run the below command

python -m elastalert.elastalert --verbose --rule examples/rules/test_rule.yaml

I'm receiving the email alert as it have to run it in background right so that whenever the sudo command is executed i will be receiving the email alert.
if i created another rule how to run both of them!
Please Help!
Thanks in advance!

The text was updated successfully, but these errors were encountered:

sandraimmaculate changed the title ~~My elastalert2 is not sending email alert! when the custom rule is triggered~~ How to make cmd: python -m elastalert.elastalert --verbose --rule examples/rules/test_rule.yaml to run in background Jan 16, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

How to make cmd: python -m elastalert.elastalert --verbose --rule examples/rules/test_rule.yaml to run in background #3308

How to make cmd: python -m elastalert.elastalert --verbose --rule examples/rules/test_rule.yaml to run in background #3308

sandraimmaculate commented Jan 15, 2025 •

edited

Loading

How to make cmd: python -m elastalert.elastalert --verbose --rule examples/rules/test_rule.yaml to run in background #3308

How to make cmd: python -m elastalert.elastalert --verbose --rule examples/rules/test_rule.yaml to run in background #3308

Comments

sandraimmaculate commented Jan 15, 2025 • edited Loading

sandraimmaculate commented Jan 15, 2025 •

edited

Loading