- None
- TBD - #000 - @some_elastic_contributor_tbd
- None
- None
- Expose rule scheduler properties as configurable settings - #192 - #jertel
- Speed up unit tests by adding default parallelism - 164 - @ferozsalam
- Remove unused writeback_alias and fix --patience argument 167 - @mrfroggg.
- Fix Bearer token auth in initialisation script - 169 - @ferozsalam
- TheHive alerter refactoring - #142 - @ferozsalam
- See the updated documentation for changes required to alert formatting
- Dockerfile refactor for performance and size improvements - #102 - @jgregmac
- Dockerfile base image changed from
python/alpine
topython/slim-buster
to take advantage of pre-build python wheels, accelerate build times, and reduce image size. If you have customized an image, based on jertel/elastalert2, you may need to make adjustments. - Default base path changed to
/opt/elastalert
in the Dockerfile and in Helm charts. Update your volume binds accordingly. - Dockerfile now runs as a non-root user "elastalert". Ensure your volumes are accessible by this non-root user.
- System packages removed from the Dockerfile: All dev packages, cargo, libmagic. Image size reduced to 250Mb.
tmp
files and dev packages removed from the final container image.
- Dockerfile base image changed from
- Support for multiple rules directories and fix
..data
Kubernetes/Openshift recursive directories in FileRulesLoader #157 - @mrfroggg - Support environment variable substition in yaml files - #149 - @archfz
- Update schema.yaml and enhance documentation for Email alerter - #144 - @nsano-rururu
- Default Email alerter to use port 25, and require http_post_url for HTTP Post alerter - #143 - @nsano-rururu
- Support extra message features for Slack and Mattermost - #140 - @nsano-rururu
- Support a footer in alert text - #133 - @nsano-rururu
- Added support for alerting via Amazon Simple Email System (SES) - #105 - @nsano-rururu
- Begin alerter refactoring to split large source code files into smaller files - #161 - @ferozsalam
- Update contribution guidelines with additional instructions for local testing - #147, #148 - @ferozsalam
- Add more unit test coverage - #108 - @nsano-rururu
- Update documentation: describe limit_execution, correct alerters list - #107 - @fberrez
- Fix issue with testing alerts that contain Jinja templates - #101 - @jertel
- Updated all references of Elastalert to use the mixed case ElastAlert, as that is the most prevalent formatting found in the documentation.
- None
- Update python-dateutil requirement from <2.7.0,>=2.6.0 to >=2.6.0,<2.9.0 - #96 - @nsano-rururu
- Update pylint requirement from <2.8 to <2.9 - #95 - @nsano-rururu
- Pin ES library to 7.0.0 due to upcoming newer library conflicts - #90 - @robrankin
- Re-introduce CHANGELOG.md to project - #88 - @ferozsalam
- Add option for suppressing TLS warnings - #87 - @alvarolmedo
- Add support for Twilio Copilot - #86 - @cdmastercom
- Support bearer token authentication with ES - #85 - @StribPav
- Add support for statsd metrics - #83 - @eladamitpxi
- Add support for multiple imports of rules via recursive import - #83 - @eladamitpxi
- Specify search size of 0 to improve efficiency of searches - #82 - @clyfish
- Add alert handler to create Datadog events - #81 - @3vanlock
- Added missing Helm chart config.yaml template file.
- Update .gitignore with more precise rule for /config.yaml file.
- Now publishing container images to both DockerHub and to GitHub Packages for redundancy.
- Container images are now built and published via GitHub actions instead of relying on DockerHub's automated builds.
- Update PIP library description and Helm chart description to be consistent.
- Continue updates to change references from ElastAlert to ElastAlert 2