[{"data":1,"prerenderedAt":704},["ShallowReactive",2],{"docs-nav":3,"i-jam:menu":87,"docs-\u002Fdocs\u002Fintegrations\u002Felastalert":94,"i-lucide:arrow-left":698,"i-lucide:chevron-down":700,"i-lucide:chevron-up":702},[4,8,12,16,20,24,27,31,35,39,43,47,51,55,59,63,67,71,75,79,83],{"path":5,"title":6,"weight":7},"\u002Fdocs\u002Fgetting-started","Начало работы",10,{"path":9,"title":10,"weight":11},"\u002Fdocs\u002Fgetting-started\u002Fsolutions","Решения",11,{"path":13,"title":14,"weight":15},"\u002Fdocs\u002Fgetting-started\u002Fglossary","Глоссарий",12,{"path":17,"title":18,"weight":19},"\u002Fdocs\u002Fauth","Вход",20,{"path":21,"title":22,"weight":23},"\u002Fdocs\u002Fdashboard","Дашборд",30,{"path":25,"title":26,"weight":23},"\u002Fdocs\u002Fprofile","Профиль",{"path":28,"title":29,"weight":30},"\u002Fdocs\u002Fteams","Команды",40,{"path":32,"title":33,"weight":34},"\u002Fdocs\u002Fteams\u002Fteam","Команда",41,{"path":36,"title":37,"weight":38},"\u002Fdocs\u002Fteams\u002Fschedules","Расписания",42,{"path":40,"title":41,"weight":42},"\u002Fdocs\u002Fteams\u002Fescalations","Эскалации",43,{"path":44,"title":45,"weight":46},"\u002Fdocs\u002Fteams\u002Ftokens","Токены",44,{"path":48,"title":49,"weight":50},"\u002Fdocs\u002Fevents","События",50,{"path":52,"title":53,"weight":54},"\u002Fdocs\u002Fevents\u002Falerts","Алерты",51,{"path":56,"title":57,"weight":58},"\u002Fdocs\u002Fevents\u002Fincidents","Инциденты",52,{"path":60,"title":61,"weight":62},"\u002Fdocs\u002Fintegrations","Интеграции",60,{"path":64,"title":65,"weight":66},"\u002Fdocs\u002Fintegrations\u002Fzabbix","Zabbix",61,{"path":68,"title":69,"weight":70},"\u002Fdocs\u002Fintegrations\u002Fgrafana","Grafana",62,{"path":72,"title":73,"weight":74},"\u002Fdocs\u002Fintegrations\u002Fprometheus","Prometheus Alertmanager",63,{"path":76,"title":77,"weight":78},"\u002Fdocs\u002Fintegrations\u002Felastalert","ElastAlert",64,{"path":80,"title":81,"weight":82},"\u002Fdocs\u002Fintegrations\u002Felastalert2","ElastAlert 2",65,{"path":84,"title":85,"weight":86},"\u002Fdocs\u002Ffaq","FAQ",100,{"left":88,"top":89,"width":90,"height":90,"rotate":91,"vFlip":92,"hFlip":92,"body":93},-5,-7,24,0,false,"\u003Cpath fill=\"currentColor\" d=\"M1 0h5a1 1 0 1 1 0 2H1a1 1 0 1 1 0-2m7 8h5a1 1 0 0 1 0 2H8a1 1 0 1 1 0-2M1 4h12a1 1 0 0 1 0 2H1a1 1 0 1 1 0-2\"\u002F>",{"id":95,"title":77,"body":96,"date":691,"description":692,"draft":92,"extension":693,"image":691,"meta":694,"navigation":200,"path":76,"seo":695,"stem":696,"weight":78,"__hash__":697},"content\u002Fdocs\u002Fintegrations\u002Felastalert.md",{"type":97,"value":98,"toc":684},"minimark",[99,114,119,132,136,146,150,160,439,443,446,604,611,643,653,657,680],[100,101,102,108,109,113],"p",{},[103,104,77],"a",{"href":105,"rel":106},"https:\u002F\u002Felastalert.readthedocs.io\u002F",[107],"nofollow"," — инструмент для алертинга на основе данных из Elasticsearch.\nИнтеграция с Sereno OnCall использует тип оповещения ",[110,111,112],"code",{},"http_post",", который отправляет данные алерта на произвольный HTTP-эндпоинт.",[115,116,118],"h2",{"id":117},"предварительные-требования","Предварительные требования",[120,121,122,126],"ul",{},[123,124,125],"li",{},"ElastAlert версии 0.1.0 или выше (оригинальный, не ElastAlert2).",[123,127,128,129,131],{},"API-токен команды из раздела ",[103,130,45],{"href":44},".",[115,133,135],{"id":134},"эндпоинт","Эндпоинт",[137,138,143],"pre",{"className":139,"code":141,"language":142},[140],"language-text","POST https:\u002F\u002Fsereno.systems\u002Fapi\u002Fv1\u002Falerts\u002Fcreate?source=elastalert\n","text",[110,144,141],{"__ignoreMap":145},"",[115,147,149],{"id":148},"настройка-правила","Настройка правила",[100,151,152,153,156,157,159],{},"В файле правила (например, ",[110,154,155],{},"my_rule.yaml",") укажите тип оповещения ",[110,158,112],{}," и параметры подключения:",[137,161,165],{"className":162,"code":163,"language":164,"meta":145,"style":145},"language-yaml shiki shiki-themes github-light github-dark","name: My Sereno Alert Rule\ntype: any\n\n# Подключение к Elasticsearch\nes_host: localhost\nes_port: 9200\nindex: logs-*\n\n# Фильтр\nfilter:\n  - term:\n      level: error\n\n# Оповещение через http_post\nalert: http_post\n\nhttp_post_url: 'https:\u002F\u002Fsereno.systems\u002Fapi\u002Fv1\u002Falerts\u002Fcreate?source=elastalert'\nhttp_post_headers:\n  Authorization: 'Bearer \u003Cтокен>'\n  Content-Type: 'application\u002Fjson'\n\nhttp_post_payload:\n  rule_name: '%(name)s'\n  alert_time: '%(alert_time)s'\n  num_hits: '%(num_hits)s'\n  alert_info:\n    type: '%(type)s'\n  matches: '%(matches)s'\n\nhttp_post_all_values: false\n","yaml",[110,166,167,184,195,202,209,220,232,243,248,254,262,272,282,287,293,304,309,320,328,339,349,354,362,373,383,394,402,413,424,429],{"__ignoreMap":145},[168,169,172,176,180],"span",{"class":170,"line":171},"line",1,[168,173,175],{"class":174},"s9eBZ","name",[168,177,179],{"class":178},"sVt8B",": ",[168,181,183],{"class":182},"sZZnC","My Sereno Alert Rule\n",[168,185,187,190,192],{"class":170,"line":186},2,[168,188,189],{"class":174},"type",[168,191,179],{"class":178},[168,193,194],{"class":182},"any\n",[168,196,198],{"class":170,"line":197},3,[168,199,201],{"emptyLinePlaceholder":200},true,"\n",[168,203,205],{"class":170,"line":204},4,[168,206,208],{"class":207},"sJ8bj","# Подключение к Elasticsearch\n",[168,210,212,215,217],{"class":170,"line":211},5,[168,213,214],{"class":174},"es_host",[168,216,179],{"class":178},[168,218,219],{"class":182},"localhost\n",[168,221,223,226,228],{"class":170,"line":222},6,[168,224,225],{"class":174},"es_port",[168,227,179],{"class":178},[168,229,231],{"class":230},"sj4cs","9200\n",[168,233,235,238,240],{"class":170,"line":234},7,[168,236,237],{"class":174},"index",[168,239,179],{"class":178},[168,241,242],{"class":182},"logs-*\n",[168,244,246],{"class":170,"line":245},8,[168,247,201],{"emptyLinePlaceholder":200},[168,249,251],{"class":170,"line":250},9,[168,252,253],{"class":207},"# Фильтр\n",[168,255,256,259],{"class":170,"line":7},[168,257,258],{"class":174},"filter",[168,260,261],{"class":178},":\n",[168,263,264,267,270],{"class":170,"line":11},[168,265,266],{"class":178},"  - ",[168,268,269],{"class":174},"term",[168,271,261],{"class":178},[168,273,274,277,279],{"class":170,"line":15},[168,275,276],{"class":174},"      level",[168,278,179],{"class":178},[168,280,281],{"class":182},"error\n",[168,283,285],{"class":170,"line":284},13,[168,286,201],{"emptyLinePlaceholder":200},[168,288,290],{"class":170,"line":289},14,[168,291,292],{"class":207},"# Оповещение через http_post\n",[168,294,296,299,301],{"class":170,"line":295},15,[168,297,298],{"class":174},"alert",[168,300,179],{"class":178},[168,302,303],{"class":182},"http_post\n",[168,305,307],{"class":170,"line":306},16,[168,308,201],{"emptyLinePlaceholder":200},[168,310,312,315,317],{"class":170,"line":311},17,[168,313,314],{"class":174},"http_post_url",[168,316,179],{"class":178},[168,318,319],{"class":182},"'https:\u002F\u002Fsereno.systems\u002Fapi\u002Fv1\u002Falerts\u002Fcreate?source=elastalert'\n",[168,321,323,326],{"class":170,"line":322},18,[168,324,325],{"class":174},"http_post_headers",[168,327,261],{"class":178},[168,329,331,334,336],{"class":170,"line":330},19,[168,332,333],{"class":174},"  Authorization",[168,335,179],{"class":178},[168,337,338],{"class":182},"'Bearer \u003Cтокен>'\n",[168,340,341,344,346],{"class":170,"line":19},[168,342,343],{"class":174},"  Content-Type",[168,345,179],{"class":178},[168,347,348],{"class":182},"'application\u002Fjson'\n",[168,350,352],{"class":170,"line":351},21,[168,353,201],{"emptyLinePlaceholder":200},[168,355,357,360],{"class":170,"line":356},22,[168,358,359],{"class":174},"http_post_payload",[168,361,261],{"class":178},[168,363,365,368,370],{"class":170,"line":364},23,[168,366,367],{"class":174},"  rule_name",[168,369,179],{"class":178},[168,371,372],{"class":182},"'%(name)s'\n",[168,374,375,378,380],{"class":170,"line":90},[168,376,377],{"class":174},"  alert_time",[168,379,179],{"class":178},[168,381,382],{"class":182},"'%(alert_time)s'\n",[168,384,386,389,391],{"class":170,"line":385},25,[168,387,388],{"class":174},"  num_hits",[168,390,179],{"class":178},[168,392,393],{"class":182},"'%(num_hits)s'\n",[168,395,397,400],{"class":170,"line":396},26,[168,398,399],{"class":174},"  alert_info",[168,401,261],{"class":178},[168,403,405,408,410],{"class":170,"line":404},27,[168,406,407],{"class":174},"    type",[168,409,179],{"class":178},[168,411,412],{"class":182},"'%(type)s'\n",[168,414,416,419,421],{"class":170,"line":415},28,[168,417,418],{"class":174},"  matches",[168,420,179],{"class":178},[168,422,423],{"class":182},"'%(matches)s'\n",[168,425,427],{"class":170,"line":426},29,[168,428,201],{"emptyLinePlaceholder":200},[168,430,431,434,436],{"class":170,"line":23},[168,432,433],{"class":174},"http_post_all_values",[168,435,179],{"class":178},[168,437,438],{"class":230},"false\n",[115,440,442],{"id":441},"формат-payload","Формат payload",[100,444,445],{},"Sereno OnCall ожидает следующую структуру:",[137,447,451],{"className":448,"code":449,"language":450,"meta":145,"style":145},"language-json shiki shiki-themes github-light github-dark","{\n  \"rule_name\": \"My Alert Rule\",\n  \"alert_time\": \"2026-01-01T12:00:00Z\",\n  \"match_time\": \"2026-01-01T11:59:00Z\",\n  \"num_hits\": 42,\n  \"alert_info\": {\n    \"type\": \"RESOLVED\"\n  },\n  \"matches\": [\n    {\n      \"host\": \"web-01\",\n      \"service\": \"nginx\",\n      \"message\": \"Connection refused\",\n      \"status\": \"error\"\n    }\n  ]\n}\n","json",[110,452,453,458,471,483,495,507,515,525,530,538,543,555,567,579,589,594,599],{"__ignoreMap":145},[168,454,455],{"class":170,"line":171},[168,456,457],{"class":178},"{\n",[168,459,460,463,465,468],{"class":170,"line":186},[168,461,462],{"class":230},"  \"rule_name\"",[168,464,179],{"class":178},[168,466,467],{"class":182},"\"My Alert Rule\"",[168,469,470],{"class":178},",\n",[168,472,473,476,478,481],{"class":170,"line":197},[168,474,475],{"class":230},"  \"alert_time\"",[168,477,179],{"class":178},[168,479,480],{"class":182},"\"2026-01-01T12:00:00Z\"",[168,482,470],{"class":178},[168,484,485,488,490,493],{"class":170,"line":204},[168,486,487],{"class":230},"  \"match_time\"",[168,489,179],{"class":178},[168,491,492],{"class":182},"\"2026-01-01T11:59:00Z\"",[168,494,470],{"class":178},[168,496,497,500,502,505],{"class":170,"line":211},[168,498,499],{"class":230},"  \"num_hits\"",[168,501,179],{"class":178},[168,503,504],{"class":230},"42",[168,506,470],{"class":178},[168,508,509,512],{"class":170,"line":222},[168,510,511],{"class":230},"  \"alert_info\"",[168,513,514],{"class":178},": {\n",[168,516,517,520,522],{"class":170,"line":234},[168,518,519],{"class":230},"    \"type\"",[168,521,179],{"class":178},[168,523,524],{"class":182},"\"RESOLVED\"\n",[168,526,527],{"class":170,"line":245},[168,528,529],{"class":178},"  },\n",[168,531,532,535],{"class":170,"line":250},[168,533,534],{"class":230},"  \"matches\"",[168,536,537],{"class":178},": [\n",[168,539,540],{"class":170,"line":7},[168,541,542],{"class":178},"    {\n",[168,544,545,548,550,553],{"class":170,"line":11},[168,546,547],{"class":230},"      \"host\"",[168,549,179],{"class":178},[168,551,552],{"class":182},"\"web-01\"",[168,554,470],{"class":178},[168,556,557,560,562,565],{"class":170,"line":15},[168,558,559],{"class":230},"      \"service\"",[168,561,179],{"class":178},[168,563,564],{"class":182},"\"nginx\"",[168,566,470],{"class":178},[168,568,569,572,574,577],{"class":170,"line":284},[168,570,571],{"class":230},"      \"message\"",[168,573,179],{"class":178},[168,575,576],{"class":182},"\"Connection refused\"",[168,578,470],{"class":178},[168,580,581,584,586],{"class":170,"line":289},[168,582,583],{"class":230},"      \"status\"",[168,585,179],{"class":178},[168,587,588],{"class":182},"\"error\"\n",[168,590,591],{"class":170,"line":295},[168,592,593],{"class":178},"    }\n",[168,595,596],{"class":170,"line":306},[168,597,598],{"class":178},"  ]\n",[168,600,601],{"class":170,"line":311},[168,602,603],{"class":178},"}\n",[100,605,606,607,610],{},"Поля из каждого объекта ",[110,608,609],{},"matches",", перечисленные ниже, попадают в лейблы алерта; остальные — в аннотации:",[100,612,613,616,617,616,620,616,623,616,626,616,629,616,632,616,635,616,638,616,640],{},[110,614,615],{},"action",", ",[110,618,619],{},"count",[110,621,622],{},"endpoint",[110,624,625],{},"host",[110,627,628],{},"ip",[110,630,631],{},"latency",[110,633,634],{},"service",[110,636,637],{},"status",[110,639,189],{},[110,641,642],{},"user",[644,645,646],"blockquote",{},[100,647,648,649,652],{},"Для отладки запустите ElastAlert с флагом ",[110,650,651],{},"--debug"," — в консоли будут выведены тела отправляемых запросов.",[115,654,656],{"id":655},"документация-elastalert","Документация ElastAlert",[120,658,659,666,673],{},[123,660,661],{},[103,662,665],{"href":663,"rel":664},"https:\u002F\u002Felastalert.readthedocs.io\u002Fen\u002Flatest\u002Fruletypes.html#http-post",[107],"HTTP Post alert type",[123,667,668],{},[103,669,672],{"href":670,"rel":671},"https:\u002F\u002Felastalert.readthedocs.io\u002Fen\u002Flatest\u002Fruletypes.html#common-configuration-options",[107],"Common configuration",[123,674,675],{},[103,676,679],{"href":677,"rel":678},"https:\u002F\u002Felastalert.readthedocs.io\u002Fen\u002Flatest\u002Frunning_elastalert.html",[107],"Running ElastAlert",[681,682,683],"style",{},"html pre.shiki code .s9eBZ, html code.shiki .s9eBZ{--shiki-default:#22863A;--shiki-dark:#85E89D}html pre.shiki code .sVt8B, html code.shiki .sVt8B{--shiki-default:#24292E;--shiki-dark:#E1E4E8}html pre.shiki code .sZZnC, html code.shiki .sZZnC{--shiki-default:#032F62;--shiki-dark:#9ECBFF}html pre.shiki code .sJ8bj, html code.shiki .sJ8bj{--shiki-default:#6A737D;--shiki-dark:#6A737D}html pre.shiki code .sj4cs, html code.shiki .sj4cs{--shiki-default:#005CC5;--shiki-dark:#79B8FF}html .default .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html.dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}",{"title":145,"searchDepth":186,"depth":186,"links":685},[686,687,688,689,690],{"id":117,"depth":186,"text":118},{"id":134,"depth":186,"text":135},{"id":148,"depth":186,"text":149},{"id":441,"depth":186,"text":442},{"id":655,"depth":186,"text":656},null,"Настройка отправки алертов из ElastAlert в Sereno OnCall через тип оповещения http_post.","md",{},{"title":77,"description":692},"docs\u002Fintegrations\u002Felastalert","KW2-mkUFamf0vWAzrSs56Fq163se5vJ6Gdv2lYw1Cqw",{"left":91,"top":91,"width":90,"height":90,"rotate":91,"vFlip":92,"hFlip":92,"body":699},"\u003Cpath fill=\"none\" stroke=\"currentColor\" stroke-linecap=\"round\" stroke-linejoin=\"round\" stroke-width=\"2\" d=\"m12 19l-7-7l7-7m7 7H5\"\u002F>",{"left":91,"top":91,"width":90,"height":90,"rotate":91,"vFlip":92,"hFlip":92,"body":701},"\u003Cpath fill=\"none\" stroke=\"currentColor\" stroke-linecap=\"round\" stroke-linejoin=\"round\" stroke-width=\"2\" d=\"m6 9l6 6l6-6\"\u002F>",{"left":91,"top":91,"width":90,"height":90,"rotate":91,"vFlip":92,"hFlip":92,"body":703},"\u003Cpath fill=\"none\" stroke=\"currentColor\" stroke-linecap=\"round\" stroke-linejoin=\"round\" stroke-width=\"2\" d=\"m18 15l-6-6l-6 6\"\u002F>",1781711770611]