Praeco is an alerting tool for elasticsearch – a GUI for elastalert, using the elastalert API.
- Interactively build alert rules using a query builder
- View a preview of your query and a graph of results over the last 24h
- Supports Any, Blacklist, Whitelist, Change, Frequency, Flatline, Spike and Metric Aggregation elastalert rule types
- Test your alerts against historical data
- See a preview of your alert subject/body as you are editing
- Supports notifications to Slack, Email or HTTP POST
- View logs of when your alerts are checked and when they fire
- Use templates to pre-fill commonly used rule options
First, edit rules/BaseRule.config and change the slack and smtp settings to match your environment.
Then run the app using docker:
export PRAECO_ELASTICSEARCH=<your elasticsearch ip>
docker-compose upPraeco should now be available on http://127.0.0.1:8080
A walkthrough article is available to guide you through creating your first template and rule.
Please see UPGRADING.md for version-specific instructions.
OPTIONAL: Edit config/api.config.json, config/elastalert.yaml, and/or public/praeco.config.json for advanced configuration options. See the api docs and the example elastalert config for more information on config options.
The following config settings are available in praeco.config.json:
// link back to your praeco instance, used in slack alerts
"appUrl": "http://praeco-app-url:8080",
// a recordatus (https://github.com/ServerCentral/recordatus) instance for javascript error reporting
"errorLoggerUrl": "",
// hide these fields when editing rules, if they are already filled in template
"hidePreconfiguredFields": []
If you want to develop for praeco, run the built-in development server:
npm install
npm run serve
To build a docker container from local changes:
docker build -t praeco .
Unit tests:
npm run test:unit
E2E tests:
npm run test:e2e