[{"data":1,"prerenderedAt":776},["ShallowReactive",2],{"docs-nav":3,"i-jam:menu":87,"docs-\u002Fdocs\u002Fintegrations\u002Felastalert2":94,"i-lucide:arrow-left":770,"i-lucide:chevron-down":772,"i-lucide:chevron-up":774},[4,8,12,16,20,24,27,31,35,39,43,47,51,55,59,63,67,71,75,79,83],{"path":5,"title":6,"weight":7},"\u002Fdocs\u002Fgetting-started","Начало работы",10,{"path":9,"title":10,"weight":11},"\u002Fdocs\u002Fgetting-started\u002Fsolutions","Решения",11,{"path":13,"title":14,"weight":15},"\u002Fdocs\u002Fgetting-started\u002Fglossary","Глоссарий",12,{"path":17,"title":18,"weight":19},"\u002Fdocs\u002Fauth","Вход",20,{"path":21,"title":22,"weight":23},"\u002Fdocs\u002Fdashboard","Дашборд",30,{"path":25,"title":26,"weight":23},"\u002Fdocs\u002Fprofile","Профиль",{"path":28,"title":29,"weight":30},"\u002Fdocs\u002Fteams","Команды",40,{"path":32,"title":33,"weight":34},"\u002Fdocs\u002Fteams\u002Fteam","Команда",41,{"path":36,"title":37,"weight":38},"\u002Fdocs\u002Fteams\u002Fschedules","Расписания",42,{"path":40,"title":41,"weight":42},"\u002Fdocs\u002Fteams\u002Fescalations","Эскалации",43,{"path":44,"title":45,"weight":46},"\u002Fdocs\u002Fteams\u002Ftokens","Токены",44,{"path":48,"title":49,"weight":50},"\u002Fdocs\u002Fevents","События",50,{"path":52,"title":53,"weight":54},"\u002Fdocs\u002Fevents\u002Falerts","Алерты",51,{"path":56,"title":57,"weight":58},"\u002Fdocs\u002Fevents\u002Fincidents","Инциденты",52,{"path":60,"title":61,"weight":62},"\u002Fdocs\u002Fintegrations","Интеграции",60,{"path":64,"title":65,"weight":66},"\u002Fdocs\u002Fintegrations\u002Fzabbix","Zabbix",61,{"path":68,"title":69,"weight":70},"\u002Fdocs\u002Fintegrations\u002Fgrafana","Grafana",62,{"path":72,"title":73,"weight":74},"\u002Fdocs\u002Fintegrations\u002Fprometheus","Prometheus 
Alertmanager",63,{"path":76,"title":77,"weight":78},"\u002Fdocs\u002Fintegrations\u002Felastalert","ElastAlert",64,{"path":80,"title":81,"weight":82},"\u002Fdocs\u002Fintegrations\u002Felastalert2","ElastAlert 2",65,{"path":84,"title":85,"weight":86},"\u002Fdocs\u002Ffaq","FAQ",100,{"left":88,"top":89,"width":90,"height":90,"rotate":91,"vFlip":92,"hFlip":92,"body":93},-5,-7,24,0,false,"\u003Cpath fill=\"currentColor\" d=\"M1 0h5a1 1 0 1 1 0 2H1a1 1 0 1 1 0-2m7 8h5a1 1 0 0 1 0 2H8a1 1 0 1 1 0-2M1 4h12a1 1 0 0 1 0 2H1a1 1 0 1 1 0-2\"\u002F>",{"id":95,"title":81,"body":96,"date":763,"description":764,"draft":92,"extension":765,"image":763,"meta":766,"navigation":213,"path":80,"seo":767,"stem":768,"weight":82,"__hash__":769},"content\u002Fdocs\u002Fintegrations\u002Felastalert2.md",{"type":97,"value":98,"toc":755},"minimark",[99,109,114,127,131,142,146,163,173,451,455,458,604,608,675,682,714,724,728,751],[100,101,102,108],"p",{},[103,104,81],"a",{"href":105,"rel":106},"https:\u002F\u002Felastalert2.readthedocs.io\u002F",[107],"nofollow"," — активно развиваемый форк оригинального ElastAlert с расширенным набором функций и поддержкой современных версий Elasticsearch\u002FOpenSearch.",[110,111,113],"h2",{"id":112},"предварительные-требования","Предварительные требования",[115,116,117,121],"ul",{},[118,119,120],"li",{},"ElastAlert 2 версии 2.0 или выше.",[118,122,123,124,126],{},"API-токен команды из раздела ",[103,125,45],{"href":44},".",[110,128,130],{"id":129},"эндпоинт","Эндпоинт",[132,133,138],"pre",{"className":134,"code":136,"language":137},[135],"language-text","POST https:\u002F\u002Fsereno.systems\u002Fapi\u002Fv1\u002Falerts\u002Fcreate?source=elastalert2\n","text",[139,140,136],"code",{"__ignoreMap":141},"",[110,143,145],{"id":144},"настройка-правила","Настройка правила",[100,147,148,149,152,153,156,157,159,160,126],{},"ElastAlert 2 поддерживает два типа HTTP-оповещений: ",[139,150,151],{},"http_post"," (унаследован от ElastAlert) и 
",[139,154,155],{},"http_post2"," (новый, с Jinja2-шаблонами). Для интеграции с Sereno OnCall используйте ",[139,158,151],{}," — он позволяет явно задать нужную структуру payload через ",[139,161,162],{},"http_post_payload",[100,164,165,166,169,170,172],{},"В файле правила (например, ",[139,167,168],{},"my_rule.yaml",") укажите тип оповещения ",[139,171,151],{}," и параметры подключения:",[132,174,178],{"className":175,"code":176,"language":177,"meta":141,"style":141},"language-yaml shiki shiki-themes github-light github-dark","name: My Sereno Alert Rule\ntype: any\n\n# Подключение к Elasticsearch\nes_host: localhost\nes_port: 9200\nindex: logs-*\n\n# Фильтр\nfilter:\n  - term:\n      level: error\n\n# Оповещение через http_post\nalert: http_post\n\nhttp_post_url: 'https:\u002F\u002Fsereno.systems\u002Fapi\u002Fv1\u002Falerts\u002Fcreate?source=elastalert2'\nhttp_post_headers:\n  Authorization: 'Bearer \u003Cтокен>'\n  Content-Type: 'application\u002Fjson'\n\nhttp_post_payload:\n  rule_name: '%(name)s'\n  alert_time: '%(alert_time)s'\n  num_matches: '%(num_matches)s'\n  alert_info:\n    type: '%(type)s'\n  matches: '%(matches)s'\n\nhttp_post_all_values: false\n","yaml",[139,179,180,197,208,215,222,233,245,256,261,267,275,285,295,300,306,317,322,333,341,352,362,367,374,385,395,406,414,425,436,441],{"__ignoreMap":141},[181,182,185,189,193],"span",{"class":183,"line":184},"line",1,[181,186,188],{"class":187},"s9eBZ","name",[181,190,192],{"class":191},"sVt8B",": ",[181,194,196],{"class":195},"sZZnC","My Sereno Alert Rule\n",[181,198,200,203,205],{"class":183,"line":199},2,[181,201,202],{"class":187},"type",[181,204,192],{"class":191},[181,206,207],{"class":195},"any\n",[181,209,211],{"class":183,"line":210},3,[181,212,214],{"emptyLinePlaceholder":213},true,"\n",[181,216,218],{"class":183,"line":217},4,[181,219,221],{"class":220},"sJ8bj","# Подключение к 
Elasticsearch\n",[181,223,225,228,230],{"class":183,"line":224},5,[181,226,227],{"class":187},"es_host",[181,229,192],{"class":191},[181,231,232],{"class":195},"localhost\n",[181,234,236,239,241],{"class":183,"line":235},6,[181,237,238],{"class":187},"es_port",[181,240,192],{"class":191},[181,242,244],{"class":243},"sj4cs","9200\n",[181,246,248,251,253],{"class":183,"line":247},7,[181,249,250],{"class":187},"index",[181,252,192],{"class":191},[181,254,255],{"class":195},"logs-*\n",[181,257,259],{"class":183,"line":258},8,[181,260,214],{"emptyLinePlaceholder":213},[181,262,264],{"class":183,"line":263},9,[181,265,266],{"class":220},"# Фильтр\n",[181,268,269,272],{"class":183,"line":7},[181,270,271],{"class":187},"filter",[181,273,274],{"class":191},":\n",[181,276,277,280,283],{"class":183,"line":11},[181,278,279],{"class":191},"  - ",[181,281,282],{"class":187},"term",[181,284,274],{"class":191},[181,286,287,290,292],{"class":183,"line":15},[181,288,289],{"class":187},"      level",[181,291,192],{"class":191},[181,293,294],{"class":195},"error\n",[181,296,298],{"class":183,"line":297},13,[181,299,214],{"emptyLinePlaceholder":213},[181,301,303],{"class":183,"line":302},14,[181,304,305],{"class":220},"# Оповещение через http_post\n",[181,307,309,312,314],{"class":183,"line":308},15,[181,310,311],{"class":187},"alert",[181,313,192],{"class":191},[181,315,316],{"class":195},"http_post\n",[181,318,320],{"class":183,"line":319},16,[181,321,214],{"emptyLinePlaceholder":213},[181,323,325,328,330],{"class":183,"line":324},17,[181,326,327],{"class":187},"http_post_url",[181,329,192],{"class":191},[181,331,332],{"class":195},"'https:\u002F\u002Fsereno.systems\u002Fapi\u002Fv1\u002Falerts\u002Fcreate?source=elastalert2'\n",[181,334,336,339],{"class":183,"line":335},18,[181,337,338],{"class":187},"http_post_headers",[181,340,274],{"class":191},[181,342,344,347,349],{"class":183,"line":343},19,[181,345,346],{"class":187},"  
Authorization",[181,348,192],{"class":191},[181,350,351],{"class":195},"'Bearer \u003Cтокен>'\n",[181,353,354,357,359],{"class":183,"line":19},[181,355,356],{"class":187},"  Content-Type",[181,358,192],{"class":191},[181,360,361],{"class":195},"'application\u002Fjson'\n",[181,363,365],{"class":183,"line":364},21,[181,366,214],{"emptyLinePlaceholder":213},[181,368,370,372],{"class":183,"line":369},22,[181,371,162],{"class":187},[181,373,274],{"class":191},[181,375,377,380,382],{"class":183,"line":376},23,[181,378,379],{"class":187},"  rule_name",[181,381,192],{"class":191},[181,383,384],{"class":195},"'%(name)s'\n",[181,386,387,390,392],{"class":183,"line":90},[181,388,389],{"class":187},"  alert_time",[181,391,192],{"class":191},[181,393,394],{"class":195},"'%(alert_time)s'\n",[181,396,398,401,403],{"class":183,"line":397},25,[181,399,400],{"class":187},"  num_matches",[181,402,192],{"class":191},[181,404,405],{"class":195},"'%(num_matches)s'\n",[181,407,409,412],{"class":183,"line":408},26,[181,410,411],{"class":187},"  alert_info",[181,413,274],{"class":191},[181,415,417,420,422],{"class":183,"line":416},27,[181,418,419],{"class":187},"    type",[181,421,192],{"class":191},[181,423,424],{"class":195},"'%(type)s'\n",[181,426,428,431,433],{"class":183,"line":427},28,[181,429,430],{"class":187},"  matches",[181,432,192],{"class":191},[181,434,435],{"class":195},"'%(matches)s'\n",[181,437,439],{"class":183,"line":438},29,[181,440,214],{"emptyLinePlaceholder":213},[181,442,443,446,448],{"class":183,"line":23},[181,444,445],{"class":187},"http_post_all_values",[181,447,192],{"class":191},[181,449,450],{"class":243},"false\n",[110,452,454],{"id":453},"формат-payload","Формат payload",[100,456,457],{},"Sereno OnCall ожидает следующую структуру:",[132,459,463],{"className":460,"code":461,"language":462,"meta":141,"style":141},"language-json shiki shiki-themes github-light github-dark","{\n  \"rule_name\": \"My Alert Rule\",\n  \"alert_time\": \"2026-01-01T12:00:00Z\",\n  
\"num_matches\": 42,\n  \"alert_info\": {\n    \"type\": \"RESOLVED\"\n  },\n  \"matches\": [\n    {\n      \"host\": \"web-01\",\n      \"service\": \"nginx\",\n      \"message\": \"Connection refused\",\n      \"status\": \"error\"\n    }\n  ]\n}\n","json",[139,464,465,470,483,495,507,515,525,530,538,543,555,567,579,589,594,599],{"__ignoreMap":141},[181,466,467],{"class":183,"line":184},[181,468,469],{"class":191},"{\n",[181,471,472,475,477,480],{"class":183,"line":199},[181,473,474],{"class":243},"  \"rule_name\"",[181,476,192],{"class":191},[181,478,479],{"class":195},"\"My Alert Rule\"",[181,481,482],{"class":191},",\n",[181,484,485,488,490,493],{"class":183,"line":210},[181,486,487],{"class":243},"  \"alert_time\"",[181,489,192],{"class":191},[181,491,492],{"class":195},"\"2026-01-01T12:00:00Z\"",[181,494,482],{"class":191},[181,496,497,500,502,505],{"class":183,"line":217},[181,498,499],{"class":243},"  \"num_matches\"",[181,501,192],{"class":191},[181,503,504],{"class":243},"42",[181,506,482],{"class":191},[181,508,509,512],{"class":183,"line":224},[181,510,511],{"class":243},"  \"alert_info\"",[181,513,514],{"class":191},": {\n",[181,516,517,520,522],{"class":183,"line":235},[181,518,519],{"class":243},"    \"type\"",[181,521,192],{"class":191},[181,523,524],{"class":195},"\"RESOLVED\"\n",[181,526,527],{"class":183,"line":247},[181,528,529],{"class":191},"  },\n",[181,531,532,535],{"class":183,"line":258},[181,533,534],{"class":243},"  \"matches\"",[181,536,537],{"class":191},": [\n",[181,539,540],{"class":183,"line":263},[181,541,542],{"class":191},"    {\n",[181,544,545,548,550,553],{"class":183,"line":7},[181,546,547],{"class":243},"      \"host\"",[181,549,192],{"class":191},[181,551,552],{"class":195},"\"web-01\"",[181,554,482],{"class":191},[181,556,557,560,562,565],{"class":183,"line":11},[181,558,559],{"class":243},"      
\"service\"",[181,561,192],{"class":191},[181,563,564],{"class":195},"\"nginx\"",[181,566,482],{"class":191},[181,568,569,572,574,577],{"class":183,"line":15},[181,570,571],{"class":243},"      \"message\"",[181,573,192],{"class":191},[181,575,576],{"class":195},"\"Connection refused\"",[181,578,482],{"class":191},[181,580,581,584,586],{"class":183,"line":297},[181,582,583],{"class":243},"      \"status\"",[181,585,192],{"class":191},[181,587,588],{"class":195},"\"error\"\n",[181,590,591],{"class":183,"line":302},[181,592,593],{"class":191},"    }\n",[181,595,596],{"class":183,"line":308},[181,597,598],{"class":191},"  ]\n",[181,600,601],{"class":183,"line":319},[181,602,603],{"class":191},"}\n",[110,605,607],{"id":606},"отличия-от-elastalert","Отличия от ElastAlert",[609,610,611,625],"table",{},[612,613,614],"thead",{},[615,616,617,621,623],"tr",{},[618,619,620],"th",{},"Параметр",[618,622,77],{},[618,624,81],{},[626,627,628,646,661],"tbody",{},[615,629,630,636,641],{},[631,632,633],"td",{},[139,634,635],{},"?source=",[631,637,638],{},[139,639,640],{},"elastalert",[631,642,643],{},[139,644,645],{},"elastalert2",[615,647,648,651,656],{},[631,649,650],{},"Число совпадений",[631,652,653],{},[139,654,655],{},"num_hits",[631,657,658],{},[139,659,660],{},"num_matches",[615,662,663,669,672],{},[631,664,665,666],{},"Поле ",[139,667,668],{},"match_time",[631,670,671],{},"есть",[631,673,674],{},"нет",[100,676,677,678,681],{},"Поля из каждого объекта ",[139,679,680],{},"matches",", перечисленные ниже, попадают в лейблы алерта; остальные — в аннотации:",[100,683,684,687,688,687,691,687,694,687,697,687,700,687,703,687,706,687,709,687,711],{},[139,685,686],{},"action",", ",[139,689,690],{},"count",[139,692,693],{},"endpoint",[139,695,696],{},"host",[139,698,699],{},"ip",[139,701,702],{},"latency",[139,704,705],{},"service",[139,707,708],{},"status",[139,710,202],{},[139,712,713],{},"user",[715,716,717],"blockquote",{},[100,718,719,720,723],{},"Для отладки запустите ElastAlert 2 
с флагом ",[139,721,722],"--debug"," — в консоли будут выведены тела отправляемых запросов. Учтите: в режиме отладки ElastAlert 2 подменяет настроенные оповещения выводом в консоль и не выполняет реальную отправку, поэтому алерты в Sereno OnCall не поступят — не оставляйте этот флаг включённым в рабочей конфигурации.",[110,725,727],{"id":726},"документация-elastalert-2","Документация ElastAlert 2",[115,729,730,737,744],[118,731,732],{},[103,733,736],{"href":734,"rel":735},"https:\u002F\u002Felastalert2.readthedocs.io\u002Fen\u002Flatest\u002Falerts.html#http-post",[107],"HTTP Post alert type",[118,738,739],{},[103,740,743],{"href":741,"rel":742},"https:\u002F\u002Felastalert2.readthedocs.io\u002Fen\u002Flatest\u002Fruletypes.html#common-configuration-options",[107],"Common configuration",[118,745,746],{},[103,747,750],{"href":748,"rel":749},"https:\u002F\u002Felastalert2.readthedocs.io\u002Fen\u002Flatest\u002Frunning_elastalert.html",[107],"Running ElastAlert 2",[752,753,754],"style",{},"html pre.shiki code .s9eBZ, html code.shiki .s9eBZ{--shiki-default:#22863A;--shiki-dark:#85E89D}html pre.shiki code .sVt8B, html code.shiki .sVt8B{--shiki-default:#24292E;--shiki-dark:#E1E4E8}html pre.shiki code .sZZnC, html code.shiki .sZZnC{--shiki-default:#032F62;--shiki-dark:#9ECBFF}html pre.shiki code .sJ8bj, html code.shiki .sJ8bj{--shiki-default:#6A737D;--shiki-dark:#6A737D}html pre.shiki code .sj4cs, html code.shiki .sj4cs{--shiki-default:#005CC5;--shiki-dark:#79B8FF}html .default .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html.dark .shiki span {color: 
var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}",{"title":141,"searchDepth":199,"depth":199,"links":756},[757,758,759,760,761,762],{"id":112,"depth":199,"text":113},{"id":129,"depth":199,"text":130},{"id":144,"depth":199,"text":145},{"id":453,"depth":199,"text":454},{"id":606,"depth":199,"text":607},{"id":726,"depth":199,"text":727},null,"Настройка отправки алертов из ElastAlert 2 в Sereno OnCall через тип оповещения http_post.","md",{},{"title":81,"description":764},"docs\u002Fintegrations\u002Felastalert2","m1oevmSJa4sdJZWsJvJ40BZfjKfnQIFxA7KIXm47MUE",{"left":91,"top":91,"width":90,"height":90,"rotate":91,"vFlip":92,"hFlip":92,"body":771},"\u003Cpath fill=\"none\" stroke=\"currentColor\" stroke-linecap=\"round\" stroke-linejoin=\"round\" stroke-width=\"2\" d=\"m12 19l-7-7l7-7m7 7H5\"\u002F>",{"left":91,"top":91,"width":90,"height":90,"rotate":91,"vFlip":92,"hFlip":92,"body":773},"\u003Cpath fill=\"none\" stroke=\"currentColor\" stroke-linecap=\"round\" stroke-linejoin=\"round\" stroke-width=\"2\" d=\"m6 9l6 6l6-6\"\u002F>",{"left":91,"top":91,"width":90,"height":90,"rotate":91,"vFlip":92,"hFlip":92,"body":775},"\u003Cpath fill=\"none\" stroke=\"currentColor\" stroke-linecap=\"round\" stroke-linejoin=\"round\" stroke-width=\"2\" d=\"m18 15l-6-6l-6 6\"\u002F>",1781711770680]