Releases: jertel/elastalert2
2.1.0
Breaking changes
- TheHive alerter refactoring - #142 - @ferozsalam
  - See the updated documentation for changes required to alert formatting
- Dockerfile refactor for performance and size improvements - #102 - @jgregmac
  - Dockerfile base image changed from python/alpine to python/slim-buster to take advantage of pre-built Python wheels, accelerate build times, and reduce image size. If you have customized an image based on jertel/elastalert2, you may need to make adjustments.
  - Default base path changed to /opt/elastalert in the Dockerfile and in Helm charts. Update your volume binds accordingly.
  - Dockerfile now runs as a non-root user "elastalert". Ensure your volumes are accessible by this non-root user.
  - System packages removed from the Dockerfile: All dev packages, cargo, libmagic. Image size reduced to 250Mb.
  - tmp files and dev packages removed from the final container image.
New features
- Support for multiple rules directories and fix ..data Kubernetes/Openshift recursive directories in FileRulesLoader - #157 - @mrfroggg
- Support environment variable substitution in yaml files - #149 - @archfz
- Update schema.yaml and enhance documentation for Email alerter - #144 - @nsano-rururu
- Default Email alerter to use port 25, and require http_post_url for HTTP Post alerter - #143 - @nsano-rururu
- Support extra message features for Slack and Mattermost - #140 - @nsano-rururu
- Support a footer in alert text - #133 - @nsano-rururu
- Added support for alerting via Amazon Simple Email System (SES) - #105 - @nsano-rururu
Other changes
- Begin alerter refactoring to split large source code files into smaller files - #161 - @ferozsalam
- Update contribution guidelines with additional instructions for local testing - #147, #148 - @ferozsalam
- Add more unit test coverage - #108 - @nsano-rururu
- Update documentation: describe limit_execution, correct alerters list - #107 - @fberrez
- Fix issue with testing alerts that contain Jinja templates - #101 - @jertel
- Updated all references of Elastalert to use the mixed case ElastAlert, as that is the most prevalent formatting found in the documentation.
2.0.4
Breaking changes
- None
New features
- Update python-dateutil requirement from <2.7.0,>=2.6.0 to >=2.6.0,<2.9.0 - #96 - @nsano-rururu
- Update pylint requirement from <2.8 to <2.9 - #95 - @nsano-rururu
- Pin ES library to 7.0.0 due to upcoming newer library conflicts - #90 - @robrankin
- Re-introduce CHANGELOG.md to project - #88 - @ferozsalam
- Add option for suppressing TLS warnings - #87 - @alvarolmedo
- Add support for Twilio Copilot - #86 - @cdmastercom
- Support bearer token authentication with ES - #85 - @StribPav
- Add support for statsd metrics - #83 - @eladamitpxi
- Add support for multiple imports of rules via recursive import - #83 - @eladamitpxi
- Specify search size of 0 to improve efficiency of searches - #82 - @clyfish
- Add alert handler to create Datadog events - #81 - @3vanlock
Other changes
- Added missing Helm chart config.yaml template file.
- Update .gitignore with more precise rule for /config.yaml file.
- Now publishing container images to both DockerHub and to GitHub Packages for redundancy.
- Container images are now built and published via GitHub actions instead of relying on DockerHub's automated builds.
- Update PIP library description and Helm chart description to be consistent.
- Continue updates to change references from Elastalert to Elastalert 2
2.0.3
0.2.4-alt3 - General updates
- added optional Prometheus metrics endpoint #75 by nicholasgibson2
- Update sphinx and elasticsearch-py #74 by nsano-rururu
- apscheduler>=3.3.0 to >=3.3.0,<4.0 #73 by nsano-rururu
- Kibana Discover support kibana 7.12 #72 by nsano-rururu
- allow loading jinja templates from filesystem #70 by drakaru
- Bump jinja2 from 2.10.1 to 2.11.3 dependencies #69 by dependabot
- Fix search syntax on aggregations #68 by ferozsalam
- Remove unused items in alerta from schema.yaml #67 by nsano-rururu
- fix docs slack_timeout #66 by nsano-rururu
- Update documentation for percentage_format_string and alerta_timeout #65 by nsano-rururu
- Bump tox from 3.22.0 to 3.23.0 #64 by nsano-rururu
- Add FAQ documentation #63 by ferozsalam
- Docker test python 3.6 to 3.9 #62 by nsano-rururu
- Remove mention of new alert platforms from the old README #61 by ferozsalam
- Bump coverage from 5.4 to 5.5 #60 by nsano-rururu
- Update README to point to new docs, deprecate old README #59 by ferozsalam
- added docs jira_assignee #58 by nsano-rururu
- added docs slack_parse_override and slack_text_string #57 by nsano-rururu
- Add a default description for TheHive alerts if one isn't provided #55 by ferozsalam
- Update pylint and tox #54 by nsano-rururu
- Kibana Discover support kibana 7.11 #53 by nsano-rururu
- allow alerta_severity to be set dynamically #52 by mostafahussein
- Creates a new rule config parameter that "use_local_time_for_query" #51 by dilaverdemirel
0.2.4-alt2: Upgrade Python due to CVE
- Upgrades to Python 3.9.2 to patch CVE - CVE-2021-3177
0.2.4-alt1 - First 'alt' release
This release is based on the yelp/elastalert master branch as of February 18, 2021.
Thanks to nsano-rururu for spearheading the majority of PRs for this release.
- Update requirements-dev.txt
- Add Chatwork Alerter / Fix a typo
- Add Dingtalk
- Merge pull request #41 from moix/master …
- Merge pull request #44 from Swapnil811/bug_in_elastalert …
- Merge pull request #43 from durarumin/fix_manual …
- Merge pull request #40 from Goggin/http_cacerts …
- Merge pull request #39 from abhishekjiitr/add-es-permissions …
- Merge pull request #38 from fpompermaier/master …
- Merge pull request #37 from gminog/master …
- Merge pull request #36 from Zentrust/master …
- add discord alerter
- Merge pull request #33 from raghuchinnannan/docs/squadcast-http-alerting …
- Merge pull request #31 from nsano-rururu/fix-is-enabled …
- Merge pull request #30 from nsano-rururu/fix-slack-ssl-verification …
- Merge pull request #29 from nsano-rururu/del_new_style_string_format …
- Merge pull request #28 from drboone/fix2899 …
- Fix is_enabled not work with reload
- Fixing slack ssl verification
- Fix Logging inconsistencies
- update alert types and Third Party Tools
- fix zabbix
- Remove Duplicate Key in Schema YAML
- fix ruletypes.rst typo
- add opsgenie_addr to docs
- Update running_elastalert.rst
- add tzlocal<3.0
- Fixed the logging property in config.yaml.example
- Remove duplicate property in example config file
- Typo in example_rules/ssh.yaml
- Merge branch 'alt' into jinja-engine
- Merge pull request #17 from JasperJuergensen/silence_qk_value …
- Remove hipchat & Fix loaders.py
- Merge pull request #13 from nsano-rururu/fix-aws_profile-sns …
- Fix documents
- Merge pull request #9 from daichi703n/fix/initialize_alerts_sent …
- Merge remote-tracking branch 'upstream/master' into delete-stride-int… …
- Merge remote-tracking branch 'upstream/master' into kibana-discover
- Merge branch 'sync-requirements-and-setup' of https://github.com/nsan… …
- Merge remote-tracking branch 'upstream/master' into sync-requirements… …
- Merge pull request #7 from nsano-rururu/fix-linenotify-error …
- Merge pull request #6 from nsano-rururu/fix_stomp …
- Merge pull request #5 from nsano-rururu/fix_test_rule_error …
- Merge pull request #4 from nsano-rururu/fix-docker-test …
- Update setup.py
- Update loaders.py
- Fix docker test
- Kibana 7.10
- Switch out abandoned blist lib for sortedcontainers lib
- Fix elasticsearch-py versionup test_rule.py error
- Fix the use of timestamps in the Jira ticket titles …
- remove python-magic requirement
- fix issue 2518, where false positive may be triggered sometimes
- Fix exotelto docs …
- Fix slack kibana properties …
- Fix Flake Lint Ambiguous Variable Error
- Update elastalert-test-rule to use ascii_letters