You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I did several rules with a particular index using Elastalert jertel docker and it works well.
I have created a new rule with another index of Elasticsearch and encounterd an issue never seen before where I'm stucked File "/usr/local/lib/python3.11/site-packages/elastalert/elastalert.py", line 1235, in handle_rule_execution num_matches = self.run_rule(rule, endtime, rule.get('initial_starttime')) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/lib/python3.11/site-packages/elastalert/elastalert.py", line 889, in run_rule if self.is_silenced(rule['name'] + "._silence") or self.is_silenced(silence_cache_key): ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/lib/python3.11/site-packages/elastalert/elastalert.py", line 1728, in is_silenced until_ts = res['hits']['hits'][0]['_source']['until'] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^ KeyError: 'until'
I don't understand at all what it means and how to solve it, any clue ?
The text was updated successfully, but these errors were encountered:
I did several rules with a particular index using Elastalert jertel docker and it works well.
I have created a new rule with another index of Elasticsearch and encounterd an issue never seen before where I'm stucked
File "/usr/local/lib/python3.11/site-packages/elastalert/elastalert.py", line 1235, in handle_rule_execution num_matches = self.run_rule(rule, endtime, rule.get('initial_starttime')) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/lib/python3.11/site-packages/elastalert/elastalert.py", line 889, in run_rule if self.is_silenced(rule['name'] + "._silence") or self.is_silenced(silence_cache_key): ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/lib/python3.11/site-packages/elastalert/elastalert.py", line 1728, in is_silenced until_ts = res['hits']['hits'][0]['_source']['until'] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^ KeyError: 'until'I don't understand at all what it means and how to solve it, any clue ?
The text was updated successfully, but these errors were encountered: