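If the installation does not work for you, leave your logs or similar in a comment. I will help as much as I can. This manual only reflects the situation when I installed it, and the errors will probably differ in each environment. I had a hard time installing this too. Almost three days of trial and error!
Prerequisites for setting up elastalert with kibana
python 3.6 (I have not tried 3.7 or 3.8 so I cannot say, but 3.9 or later absolutely cannot be installed)
elastalert is a service that raises an alert when a specific message arrives in elasticsearch.
elastalert install_1: https://github.com/Yelp/elastalert
elastalert install_2: https://github.com/bitsensor/elastalert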
elastalert-plugin: https://github.com/karql/elastalert-kibana-plugin/releases
This is the RAW data from installing elastalert. If you only want to see the installation method, go to the post below.
https://dirt-spoon.tistory.com/58
Summary of elastalert installation commands
# pip3 install --upgrade pip
# pip install setuptools-rust
# yum install gcc libffi-devel python36-devel openssl-devel
# pip install elastalert
# cd /opt
# git clone https://github.com/Yelp/elastalert.git
# cd elastalert
# pip install --ignore-installed PyYAML -r requirements.txt
# cd ..
# rm -rf ./elastalert/
# git clone https://github.com/bitsensor/elastalert.git && cd elastalert
# yum install npm bunyan babel-register babel-preset-es2015 express body-parser joi object-resolve-path mkdirp ws lodash elasticsearch tar fs-extra request-promise-native request randomstring cors util babel-cli raven eslint husky istanbul mocha
# python -m pip install --upgrade 'elasticsearch>=7.16,<8'
# echo \
'rules_folder: rules # folder name
run_every: # how often elasticsearch is queried
  minutes: 1
buffer_time: # size of the query window, stretching back from the time the query runs
  minutes: 15
es_host: 192.168.0.17 # elasticsearch host
es_port: 9200 # port used by elasticsearch
writeback_index: elastalert_status # index where elastalert2 stores its data
alert_time_limit: # retry period for failed alerts
  days: 2' > config.yaml
When the pip command is not available
[root@tmplogsvr opt]# pip3 install --upgrade pip
WARNING: Running pip install with root privileges is generally not a good idea. Try `pip3 install --user` instead.
Collecting pip
Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB)
100% |████████████████████████████████| 1.7MB 1.2MB/s
Installing collected packages: pip
Successfully installed pip-21.3.1
You are using pip version 21.3.1, however version 23.0.1 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.
[root@tmplogsvr opt]#
Installing elastalert
- Error: ModuleNotFoundError: No module named 'setuptools_rust'
[root@tmplogsvr opt]# pip3 install elastalert
WARNING: Running pip install with root privileges is generally not a good idea. Try `pip3 install --user` instead.
Collecting elastalert
Downloading https://files.pythonhosted.org/packages/fb/cc/58ae185e01eb9baad6108859287168c3c9592be50f546f40dc40470c3bf9/elastalert-0.2.4.tar.gz (128kB)
100% |████████████████████████████████| 133kB 10.9MB/s
Collecting apscheduler>=3.3.0 (from elastalert)
Downloading https://files.pythonhosted.org/packages/d0/08/952d9570f4897dc2b30166fca5afd3a2cd19b3d408abdb470978484e8a09/APScheduler-3.10.1-py3-none-any.whl (59kB)
100% |████████████████████████████████| 61kB 15.9MB/s
Collecting aws-requests-auth>=0.3.0 (from elastalert)
Downloading https://files.pythonhosted.org/packages/af/11/5dc8be418e1d54bed15eaf3a7461797e5ebb9e6a34869ad750561f35fa5b/aws_requests_auth-0.4.3-py2.py3-none-any.whl
Collecting blist>=1.3.6 (from elastalert)
Downloading https://files.pythonhosted.org/packages/6b/a8/dca5224abe81ccf8db81f8a2ca3d63e7a5fa7a86adc198d4e268c67ce884/blist-1.3.6.tar.gz (122kB)
100% |████████████████████████████████| 122kB 13.7MB/s
Collecting boto3>=1.4.4 (from elastalert)
Downloading https://files.pythonhosted.org/packages/75/ca/d917b244919f1ebf96f7bbd5a00e4641f7e9191b0d070258f5dc10f5eaad/boto3-1.23.10-py3-none-any.whl (132kB)
100% |████████████████████████████████| 133kB 12.7MB/s
Collecting configparser>=3.5.0 (from elastalert)
Downloading https://files.pythonhosted.org/packages/2b/af/0e28626b47c84172a112397f034bb1b6349960ca6e0fe7c96666e0ccae69/configparser-5.2.0-py3-none-any.whl
Collecting croniter>=0.3.16 (from elastalert)
Downloading https://files.pythonhosted.org/packages/0f/4d/0cc5a7f4bdcefecebdf8a95c8372606c13d3355e8536d9cd3e7070e94269/croniter-1.3.8-py2.py3-none-any.whl
Collecting elasticsearch==7.0.0 (from elastalert)
Downloading https://files.pythonhosted.org/packages/a8/27/d3a9ecd9f8f972d99da98672d4766b9f62ef64c323c40bb5e2557e538ea3/elasticsearch-7.0.0-py2.py3-none-any.whl (80kB)
100% |████████████████████████████████| 81kB 13.8MB/s
Collecting envparse>=0.2.0 (from elastalert)
Downloading https://files.pythonhosted.org/packages/2f/8d/bee8a59732c169a455627ff1557d0db180f7c352b0274480267ad3e46875/envparse-0.2.0.tar.gz
Collecting exotel>=0.1.3 (from elastalert)
Downloading https://files.pythonhosted.org/packages/c6/68/6373dedcc7f7eadc017f9629e2f1b33393e8f740fb9c801962a3ce4dfa91/exotel-0.1.5.tar.gz
Collecting jira>=2.0.0 (from elastalert)
Downloading https://files.pythonhosted.org/packages/06/77/323bc398a16c0bd791d162dfe69e0dcc5be06da5d90e423ac48250ae9366/jira-3.2.0-py3-none-any.whl (69kB)
100% |████████████████████████████████| 71kB 15.3MB/s
Collecting jsonschema>=3.0.2 (from elastalert)
Downloading https://files.pythonhosted.org/packages/c5/8f/51e89ce52a085483359217bc72cdbf6e75ee595d5b1d4b5ade40c7e018b8/jsonschema-3.2.0-py2.py3-none-any.whl (56kB)
100% |████████████████████████████████| 61kB 17.4MB/s
Collecting mock>=2.0.0 (from elastalert)
Downloading https://files.pythonhosted.org/packages/e6/88/8a05e7ad0bb823246b2add3d2e97f990c41c71a40762c8db77a4bd78eedf/mock-5.0.1-py3-none-any.whl
Collecting prison>=0.1.2 (from elastalert)
Downloading https://files.pythonhosted.org/packages/f1/bd/e55e14cd213174100be0353824f2add41e8996c6f32081888897e8ec48b5/prison-0.2.1-py2.py3-none-any.whl
Collecting PyStaticConfiguration>=0.10.3 (from elastalert)
Downloading https://files.pythonhosted.org/packages/11/44/35e69af3cd5656fe71a984a31e2f4086c51011989ed0b5766541841c347a/PyStaticConfiguration-0.11.1-py3-none-any.whl
Requirement already satisfied: python-dateutil<2.7.0,>=2.6.0 in /usr/lib/python3.6/site-packages (from elastalert)
Requirement already satisfied: PyYAML>=3.12 in /usr/lib64/python3.6/site-packages (from elastalert)
Requirement already satisfied: requests>=2.10.0 in /usr/lib/python3.6/site-packages (from elastalert)
Collecting stomp.py>=4.1.17 (from elastalert)
Downloading https://files.pythonhosted.org/packages/b4/fd/3b44012986027cd0c85bbbb7c79487d6d48f614345797e7332a4511f0d06/stomp.py-8.1.0-py3-none-any.whl (42kB)
100% |████████████████████████████████| 51kB 18.1MB/s
Collecting texttable>=0.8.8 (from elastalert)
Downloading https://files.pythonhosted.org/packages/ba/a7/2c12b543f853dae886286b824200eb9d7cd2466e3d14eff1799fbe8223b9/texttable-1.6.7-py2.py3-none-any.whl
Collecting twilio<6.1,>=6.0.0 (from elastalert)
Downloading https://files.pythonhosted.org/packages/f6/20/c6d72e0f29030206342e4b5bef9f573bdb7c305615ea77c11c81f5c0196d/twilio-6.0.0.tar.gz (304kB)
100% |████████████████████████████████| 307kB 5.9MB/s
Collecting python-magic>=0.4.15 (from elastalert)
Downloading https://files.pythonhosted.org/packages/6c/73/9f872cb81fc5c3bb48f7227872c28975f998f3e7c2b1c16e95e6432bbb90/python_magic-0.4.27-py2.py3-none-any.whl
Collecting cffi>=1.11.5 (from elastalert)
Downloading https://files.pythonhosted.org/packages/3a/12/d6066828014b9ccb2bbb8e1d9dc28872d20669b65aeb4a86806a0757813f/cffi-1.15.1-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (402kB)
100% |████████████████████████████████| 409kB 4.7MB/s
Requirement already satisfied: pytz in /usr/lib/python3.6/site-packages (from apscheduler>=3.3.0->elastalert)
Collecting tzlocal!=3.*,>=2.0 (from apscheduler>=3.3.0->elastalert)
Downloading https://files.pythonhosted.org/packages/31/b7/3bc2c1868f27677139b772e4fde95265b93151912fd90eb874827943bfcf/tzlocal-4.2-py3-none-any.whl
Requirement already satisfied: setuptools>=0.7 in /usr/lib/python3.6/site-packages (from apscheduler>=3.3.0->elastalert)
Requirement already satisfied: six>=1.4.0 in /usr/lib/python3.6/site-packages (from apscheduler>=3.3.0->elastalert)
Collecting s3transfer<0.6.0,>=0.5.0 (from boto3>=1.4.4->elastalert)
Downloading https://files.pythonhosted.org/packages/7b/9c/f51775ebe7df5a7aa4e7c79ed671bde94e154bd968aca8d65bb24aba0c8c/s3transfer-0.5.2-py3-none-any.whl (79kB)
100% |████████████████████████████████| 81kB 16.0MB/s
Collecting botocore<1.27.0,>=1.26.10 (from boto3>=1.4.4->elastalert)
Downloading https://files.pythonhosted.org/packages/09/b8/794e0bd260198538ded90c26b353ddb632eab01950d4e7e2e2b8ee510d12/botocore-1.26.10-py3-none-any.whl (8.8MB)
100% |████████████████████████████████| 8.8MB 229kB/s
Collecting jmespath<2.0.0,>=0.7.1 (from boto3>=1.4.4->elastalert)
Downloading https://files.pythonhosted.org/packages/07/cb/5f001272b6faeb23c1c9e0acc04d48eaaf5c862c17709d20e3469c6e0139/jmespath-0.10.0-py2.py3-none-any.whl
Requirement already satisfied: urllib3>=1.21.1 in /usr/lib/python3.6/site-packages (from elasticsearch==7.0.0->elastalert)
Collecting requests-toolbelt (from jira>=2.0.0->elastalert)
Downloading https://files.pythonhosted.org/packages/05/d3/bf87a36bff1cb88fd30a509fd366c70ec30676517ee791b2f77e0e29817a/requests_toolbelt-0.10.1-py2.py3-none-any.whl (54kB)
100% |████████████████████████████████| 61kB 19.8MB/s
Collecting typing-extensions>=3.7.4.2 (from jira>=2.0.0->elastalert)
Downloading https://files.pythonhosted.org/packages/45/6b/44f7f8f1e110027cf88956b59f2fad776cca7e1704396d043f89effd3a0e/typing_extensions-4.1.1-py3-none-any.whl
Collecting requests-oauthlib>=1.1.0 (from jira>=2.0.0->elastalert)
Downloading https://files.pythonhosted.org/packages/6f/bb/5deac77a9af870143c684ab46a7934038a53eb4aa975bc0687ed6ca2c610/requests_oauthlib-1.3.1-py2.py3-none-any.whl
Collecting keyring (from jira>=2.0.0->elastalert)
Downloading https://files.pythonhosted.org/packages/a4/e9/104ec4bffcf971375c348146c2199d4e241294286cc04a428b12c02e5f81/keyring-23.4.1-py3-none-any.whl
Collecting defusedxml (from jira>=2.0.0->elastalert)
Downloading https://files.pythonhosted.org/packages/07/6c/aa3f2f849e01cb6a001cd8554a88d4c77c5c1a31c95bdf1cf9301e6d9ef4/defusedxml-0.7.1-py2.py3-none-any.whl
Collecting pyrsistent>=0.14.0 (from jsonschema>=3.0.2->elastalert)
Downloading https://files.pythonhosted.org/packages/6c/19/1af501f6f388a40ede6d0185ba481bdb18ffc99deab0dd0d092b173bc0f4/pyrsistent-0.18.0-cp36-cp36m-manylinux1_x86_64.whl (117kB)
100% |████████████████████████████████| 122kB 13.5MB/s
Collecting attrs>=17.4.0 (from jsonschema>=3.0.2->elastalert)
Downloading https://files.pythonhosted.org/packages/fb/6e/6f83bf616d2becdf333a1640f1d463fef3150e2e926b7010cb0f81c95e88/attrs-22.2.0-py3-none-any.whl (60kB)
100% |████████████████████████████████| 61kB 16.5MB/s
Collecting importlib-metadata; python_version < "3.8" (from jsonschema>=3.0.2->elastalert)
Downloading https://files.pythonhosted.org/packages/a0/a1/b153a0a4caf7a7e3f15c2cd56c7702e2cf3d89b1b359d1f1c5e59d68f4ce/importlib_metadata-4.8.3-py3-none-any.whl
Requirement already satisfied: chardet<3.1.0,>=3.0.2 in /usr/lib/python3.6/site-packages (from requests>=2.10.0->elastalert)
Requirement already satisfied: idna<2.8,>=2.5 in /usr/lib/python3.6/site-packages (from requests>=2.10.0->elastalert)
Collecting docopt<0.7.0,>=0.6.2 (from stomp.py>=4.1.17->elastalert)
Downloading https://files.pythonhosted.org/packages/a2/55/8f8cab2afd404cf578136ef2cc5dfb50baa1761b68c9da1fb1e4eed343c9/docopt-0.6.2.tar.gz
Collecting websocket-client<2.0.0,>=1.2.3 (from stomp.py>=4.1.17->elastalert)
Downloading https://files.pythonhosted.org/packages/35/21/8614b6de7c35d0bc584da13c45b8b08e404eee28a0504c1d00f5e1aa0a23/websocket_client-1.3.1-py3-none-any.whl (54kB)
100% |████████████████████████████████| 61kB 17.7MB/s
Collecting PyJWT>=1.4.2 (from twilio<6.1,>=6.0.0->elastalert)
Downloading https://files.pythonhosted.org/packages/1c/fb/b82e9601b00d88cf8bbee1f39b855ae773f9d5bcbcedb3801b2f72460696/PyJWT-2.4.0-py3-none-any.whl
Requirement already satisfied: pysocks in /usr/lib/python3.6/site-packages (from twilio<6.1,>=6.0.0->elastalert)
Collecting pycparser (from cffi>=1.11.5->elastalert)
Downloading https://files.pythonhosted.org/packages/62/d5/5f610ebe421e85889f2e55e33b7f9a6795bd982198517d912eb1c76e1a53/pycparser-2.21-py2.py3-none-any.whl (118kB)
100% |████████████████████████████████| 122kB 14.5MB/s
Collecting backports.zoneinfo; python_version < "3.9" (from tzlocal!=3.*,>=2.0->apscheduler>=3.3.0->elastalert)
Downloading https://files.pythonhosted.org/packages/f9/04/33e910faffe91a5680d68a064162525779259ae5de3b0c0c5bd9c4e900e0/backports.zoneinfo-0.2.1-cp36-cp36m-manylinux1_x86_64.whl (70kB)
100% |████████████████████████████████| 71kB 15.6MB/s
Collecting pytz-deprecation-shim (from tzlocal!=3.*,>=2.0->apscheduler>=3.3.0->elastalert)
Downloading https://files.pythonhosted.org/packages/eb/73/3eaab547ca809754e67e06871cff0fc962bafd4b604e15f31896a0f94431/pytz_deprecation_shim-0.1.0.post0-py2.py3-none-any.whl
Collecting oauthlib>=3.0.0 (from requests-oauthlib>=1.1.0->jira>=2.0.0->elastalert)
Downloading https://files.pythonhosted.org/packages/7e/80/cab10959dc1faead58dc8384a781dfbf93cb4d33d50988f7a69f1b7c9bbe/oauthlib-3.2.2-py3-none-any.whl (151kB)
100% |████████████████████████████████| 153kB 11.8MB/s
Collecting SecretStorage>=3.2; sys_platform == "linux" (from keyring->jira>=2.0.0->elastalert)
Downloading https://files.pythonhosted.org/packages/54/24/b4293291fa1dd830f353d2cb163295742fa87f179fcc8a20a306a81978b7/SecretStorage-3.3.3-py3-none-any.whl
Collecting jeepney>=0.4.2; sys_platform == "linux" (from keyring->jira>=2.0.0->elastalert)
Downloading https://files.pythonhosted.org/packages/14/b8/bb3e34d71472140f9bfdf5d77cd063e2cc964b72b1bb0b70fe3c1e7db932/jeepney-0.7.1-py3-none-any.whl (54kB)
100% |████████████████████████████████| 61kB 15.7MB/s
Collecting zipp>=0.5 (from importlib-metadata; python_version < "3.8"->jsonschema>=3.0.2->elastalert)
Downloading https://files.pythonhosted.org/packages/bd/df/d4a4974a3e3957fd1c1fa3082366d7fff6e428ddb55f074bf64876f8e8ad/zipp-3.6.0-py3-none-any.whl
Collecting importlib-resources; python_version < "3.7" (from backports.zoneinfo; python_version < "3.9"->tzlocal!=3.*,>=2.0->apscheduler>=3.3.0->elastalert)
Downloading https://files.pythonhosted.org/packages/24/1b/33e489669a94da3ef4562938cd306e8fa915e13939d7b8277cb5569cb405/importlib_resources-5.4.0-py3-none-any.whl
Collecting tzdata; python_version >= "3.6" (from pytz-deprecation-shim->tzlocal!=3.*,>=2.0->apscheduler>=3.3.0->elastalert)
Downloading https://files.pythonhosted.org/packages/fa/5e/f99a7df3ae2079211d31ec23b1d34380c7870c26e99159f6e422dcbab538/tzdata-2022.7-py2.py3-none-any.whl (340kB)
100% |████████████████████████████████| 348kB 6.2MB/s
Collecting cryptography>=2.0 (from SecretStorage>=3.2; sys_platform == "linux"->keyring->jira>=2.0.0->elastalert)
Downloading https://files.pythonhosted.org/packages/fa/f3/f4b8c175ea9a1de650b0085858059050b7953a93d66c97ed89b93b232996/cryptography-39.0.2.tar.gz (604kB)
100% |████████████████████████████████| 614kB 3.2MB/s
Complete output from command python setup.py egg_info:
=============================DEBUG ASSISTANCE==========================
If you are seeing an error here please try the following to
successfully install cryptography:
Upgrade to the latest pip and try again. This will fix errors for most
users. See: https://pip.pypa.io/en/stable/installing/#upgrading-pip
=============================DEBUG ASSISTANCE==========================
Traceback (most recent call last):
File "<string>", line 1, in <module>
File "/tmp/pip-build-j3urc0g_/cryptography/setup.py", line 18, in <module>
from setuptools_rust import RustExtension
ModuleNotFoundError: No module named 'setuptools_rust'
----------------------------------------
Command "python setup.py egg_info" failed with error code 1 in /tmp/pip-build-j3urc0g_/cryptography/
[root@tmplogsvr opt]#
Installing setuptools-rust
[root@tmplogsvr opt]# pip3 install setuptools-rust
WARNING: Running pip install with root privileges is generally not a good idea. Try `pip3 install --user` instead.
Collecting setuptools-rust
Downloading https://files.pythonhosted.org/packages/66/ca/66bdf8f326977098eff28c314c8f825bc28d6986944c590e40ad0f74c5f0/setuptools_rust-1.1.2-py3-none-any.whl
Collecting typing-extensions>=3.7.4.3 (from setuptools-rust)
Using cached https://files.pythonhosted.org/packages/45/6b/44f7f8f1e110027cf88956b59f2fad776cca7e1704396d043f89effd3a0e/typing_extensions-4.1.1-py3-none-any.whl
Collecting setuptools>=46.1 (from setuptools-rust)
Downloading https://files.pythonhosted.org/packages/b0/3a/88b210db68e56854d0bcf4b38e165e03be377e13907746f825790f3df5bf/setuptools-59.6.0-py3-none-any.whl (952kB)
100% |████████████████████████████████| 962kB 2.0MB/s
Collecting semantic-version<3,>=2.8.2 (from setuptools-rust)
Downloading https://files.pythonhosted.org/packages/6a/23/8146aad7d88f4fcb3a6218f41a60f6c2d4e3a72de72da1825dc7c8f7877c/semantic_version-2.10.0-py2.py3-none-any.whl
Installing collected packages: typing-extensions, setuptools, semantic-version, setuptools-rust
Successfully installed semantic-version-2.10.0 setuptools-59.6.0 setuptools-rust-1.1.2 typing-extensions-4.1.1
[root@tmplogsvr opt]#
After installing pip, install elastalert with pip instead of pip3
- Error: error: command 'gcc' failed with exit status 1
[root@tmplogsvr opt]# pip install elastalert
Collecting elastalert
Using cached elastalert-0.2.4.tar.gz (128 kB)
Preparing metadata (setup.py) ... done
Collecting apscheduler>=3.3.0
Using cached APScheduler-3.10.1-py3-none-any.whl (59 kB)
Collecting aws-requests-auth>=0.3.0
Using cached aws_requests_auth-0.4.3-py2.py3-none-any.whl (6.8 kB)
Collecting blist>=1.3.6
Using cached blist-1.3.6.tar.gz (122 kB)
Preparing metadata (setup.py) ... done
Collecting boto3>=1.4.4
Using cached boto3-1.23.10-py3-none-any.whl (132 kB)
Collecting configparser>=3.5.0
Using cached configparser-5.2.0-py3-none-any.whl (19 kB)
Collecting croniter>=0.3.16
Using cached croniter-1.3.8-py2.py3-none-any.whl (18 kB)
Collecting elasticsearch==7.0.0
Using cached elasticsearch-7.0.0-py2.py3-none-any.whl (80 kB)
Collecting envparse>=0.2.0
Using cached envparse-0.2.0.tar.gz (7.6 kB)
Preparing metadata (setup.py) ... done
Collecting exotel>=0.1.3
Using cached exotel-0.1.5.tar.gz (2.2 kB)
Preparing metadata (setup.py) ... done
Collecting jira>=2.0.0
Using cached jira-3.2.0-py3-none-any.whl (69 kB)
Collecting jsonschema>=3.0.2
Using cached jsonschema-3.2.0-py2.py3-none-any.whl (56 kB)
Collecting mock>=2.0.0
Using cached mock-5.0.1-py3-none-any.whl (30 kB)
Collecting prison>=0.1.2
Using cached prison-0.2.1-py2.py3-none-any.whl (5.8 kB)
Collecting PyStaticConfiguration>=0.10.3
Using cached PyStaticConfiguration-0.11.1-py3-none-any.whl (27 kB)
Requirement already satisfied: python-dateutil<2.7.0,>=2.6.0 in /usr/lib/python3.6/site-packages (from elastalert) (2.6.1)
Requirement already satisfied: PyYAML>=3.12 in /usr/lib64/python3.6/site-packages (from elastalert) (3.12)
Requirement already satisfied: requests>=2.10.0 in /usr/lib/python3.6/site-packages (from elastalert) (2.20.0)
Collecting stomp.py>=4.1.17
Using cached stomp.py-8.1.0-py3-none-any.whl (42 kB)
Collecting texttable>=0.8.8
Using cached texttable-1.6.7-py2.py3-none-any.whl (10 kB)
Collecting twilio<6.1,>=6.0.0
Using cached twilio-6.0.0.tar.gz (304 kB)
Preparing metadata (setup.py) ... done
Collecting python-magic>=0.4.15
Using cached python_magic-0.4.27-py2.py3-none-any.whl (13 kB)
Collecting cffi>=1.11.5
Using cached cffi-1.15.1-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (402 kB)
Requirement already satisfied: urllib3>=1.21.1 in /usr/lib/python3.6/site-packages (from elasticsearch==7.0.0->elastalert) (1.24.2)
Requirement already satisfied: six>=1.4.0 in /usr/lib/python3.6/site-packages (from apscheduler>=3.3.0->elastalert) (1.11.0)
Requirement already satisfied: pytz in /usr/lib/python3.6/site-packages (from apscheduler>=3.3.0->elastalert) (2017.2)
Collecting tzlocal!=3.*,>=2.0
Using cached tzlocal-4.2-py3-none-any.whl (19 kB)
Requirement already satisfied: setuptools>=0.7 in /usr/local/lib/python3.6/site-packages (from apscheduler>=3.3.0->elastalert) (59.6.0)
Collecting s3transfer<0.6.0,>=0.5.0
Using cached s3transfer-0.5.2-py3-none-any.whl (79 kB)
Collecting botocore<1.27.0,>=1.26.10
Using cached botocore-1.26.10-py3-none-any.whl (8.8 MB)
Collecting jmespath<2.0.0,>=0.7.1
Using cached jmespath-0.10.0-py2.py3-none-any.whl (24 kB)
Collecting pycparser
Using cached pycparser-2.21-py2.py3-none-any.whl (118 kB)
Collecting defusedxml
Using cached defusedxml-0.7.1-py2.py3-none-any.whl (25 kB)
Collecting requests-oauthlib>=1.1.0
Using cached requests_oauthlib-1.3.1-py2.py3-none-any.whl (23 kB)
Collecting requests-toolbelt
Using cached requests_toolbelt-0.10.1-py2.py3-none-any.whl (54 kB)
Collecting keyring
Using cached keyring-23.4.1-py3-none-any.whl (33 kB)
Requirement already satisfied: typing-extensions>=3.7.4.2 in /usr/local/lib/python3.6/site-packages (from jira>=2.0.0->elastalert) (4.1.1)
Collecting importlib-metadata
Using cached importlib_metadata-4.8.3-py3-none-any.whl (17 kB)
Collecting pyrsistent>=0.14.0
Using cached pyrsistent-0.18.0-cp36-cp36m-manylinux1_x86_64.whl (117 kB)
Collecting attrs>=17.4.0
Using cached attrs-22.2.0-py3-none-any.whl (60 kB)
Requirement already satisfied: chardet<3.1.0,>=3.0.2 in /usr/lib/python3.6/site-packages (from requests>=2.10.0->elastalert) (3.0.4)
Requirement already satisfied: idna<2.8,>=2.5 in /usr/lib/python3.6/site-packages (from requests>=2.10.0->elastalert) (2.5)
Collecting docopt<0.7.0,>=0.6.2
Using cached docopt-0.6.2.tar.gz (25 kB)
Preparing metadata (setup.py) ... done
Collecting websocket-client<2.0.0,>=1.2.3
Using cached websocket_client-1.3.1-py3-none-any.whl (54 kB)
Collecting PyJWT>=1.4.2
Using cached PyJWT-2.4.0-py3-none-any.whl (18 kB)
Requirement already satisfied: pysocks in /usr/lib/python3.6/site-packages (from twilio<6.1,>=6.0.0->elastalert) (1.6.8)
INFO: pip is looking at multiple versions of attrs to determine which version is compatible with other requirements. This could take a while.
Collecting attrs>=17.4.0
Downloading attrs-22.1.0-py2.py3-none-any.whl (58 kB)
|████████████████████████████████| 58 kB 12.4 MB/s
INFO: pip is looking at multiple versions of twilio to determine which version is compatible with other requirements. This could take a while.
INFO: pip is looking at multiple versions of texttable to determine which version is compatible with other requirements. This could take a while.
Collecting texttable>=0.8.8
Downloading texttable-1.6.6-py2.py3-none-any.whl (11 kB)
INFO: pip is looking at multiple versions of stomp-py to determine which version is compatible with other requirements. This could take a while.
Collecting stomp.py>=4.1.17
Downloading stomp.py-8.0.1-py3-none-any.whl (37 kB)
INFO: pip is looking at multiple versions of requests to determine which version is compatible with other requirements. This could take a while.
Collecting requests>=2.10.0
Downloading requests-2.27.1-py2.py3-none-any.whl (63 kB)
|████████████████████████████████| 63 kB 5.3 MB/s
Collecting charset-normalizer~=2.0.0
Downloading charset_normalizer-2.0.12-py3-none-any.whl (39 kB)
Collecting certifi>=2017.4.17
Downloading certifi-2022.12.7-py3-none-any.whl (155 kB)
|████████████████████████████████| 155 kB 74.1 MB/s
Collecting urllib3>=1.21.1
Downloading urllib3-1.26.15-py2.py3-none-any.whl (140 kB)
|████████████████████████████████| 140 kB 69.9 MB/s
Collecting oauthlib>=3.0.0
Using cached oauthlib-3.2.2-py3-none-any.whl (151 kB)
Collecting backports.zoneinfo
Using cached backports.zoneinfo-0.2.1-cp36-cp36m-manylinux1_x86_64.whl (70 kB)
Collecting pytz-deprecation-shim
Using cached pytz_deprecation_shim-0.1.0.post0-py2.py3-none-any.whl (15 kB)
Collecting zipp>=0.5
Using cached zipp-3.6.0-py3-none-any.whl (5.3 kB)
Collecting jeepney>=0.4.2
Using cached jeepney-0.7.1-py3-none-any.whl (54 kB)
Collecting SecretStorage>=3.2
Using cached SecretStorage-3.3.3-py3-none-any.whl (15 kB)
Collecting cryptography>=2.0
Downloading cryptography-39.0.2-cp36-abi3-manylinux_2_28_x86_64.whl (4.2 MB)
|████████████████████████████████| 4.2 MB 78.6 MB/s
Collecting importlib-resources
Using cached importlib_resources-5.4.0-py3-none-any.whl (28 kB)
Collecting tzdata
Using cached tzdata-2022.7-py2.py3-none-any.whl (340 kB)
Using legacy 'setup.py install' for elastalert, since package 'wheel' is not installed.
Using legacy 'setup.py install' for blist, since package 'wheel' is not installed.
Using legacy 'setup.py install' for envparse, since package 'wheel' is not installed.
Using legacy 'setup.py install' for exotel, since package 'wheel' is not installed.
Using legacy 'setup.py install' for twilio, since package 'wheel' is not installed.
Using legacy 'setup.py install' for docopt, since package 'wheel' is not installed.
Installing collected packages: zipp, pycparser, importlib-resources, cffi, urllib3, tzdata, jmespath, jeepney, cryptography, charset-normalizer, certifi, backports.zoneinfo, SecretStorage, requests, pytz-deprecation-shim, oauthlib, importlib-metadata, botocore, websocket-client, tzlocal, s3transfer, requests-toolbelt, requests-oauthlib, pyrsistent, PyJWT, keyring, docopt, defusedxml, attrs, twilio, texttable, stomp.py, python-magic, PyStaticConfiguration, prison, mock, jsonschema, jira, exotel, envparse, elasticsearch, croniter, configparser, boto3, blist, aws-requests-auth, apscheduler, elastalert
Attempting uninstall: urllib3
Found existing installation: urllib3 1.24.2
Uninstalling urllib3-1.24.2:
Successfully uninstalled urllib3-1.24.2
Attempting uninstall: requests
Found existing installation: requests 2.20.0
Uninstalling requests-2.20.0:
Successfully uninstalled requests-2.20.0
Running setup.py install for docopt ... done
Running setup.py install for twilio ... done
Running setup.py install for exotel ... done
Running setup.py install for envparse ... done
Running setup.py install for blist ... error
ERROR: Command errored out with exit status 1:
command: /usr/bin/python3.6 -u -c 'import io, os, sys, setuptools, tokenize; sys.argv[0] = '"'"'/tmp/pip-install-vw09qqdo/blist_5985a06eebc244dfbb6203841bf7f137/setup.py'"'"'; __file__='"'"'/tmp/pip-install-vw09qqdo/blist_5985a06eebc244dfbb6203841bf7f137/setup.py'"'"';f = getattr(tokenize, '"'"'open'"'"', open)(__file__) if os.path.exists(__file__) else io.StringIO('"'"'from setuptools import setup; setup()'"'"');code = f.read().replace('"'"'\r\n'"'"', '"'"'\n'"'"');f.close();exec(compile(code, __file__, '"'"'exec'"'"'))' install --record /tmp/pip-record-9ratp9fl/install-record.txt --single-version-externally-managed --compile --install-headers /usr/local/include/python3.6m/blist
cwd: /tmp/pip-install-vw09qqdo/blist_5985a06eebc244dfbb6203841bf7f137/
Complete output (22 lines):
running install
/usr/local/lib/python3.6/site-packages/setuptools/command/install.py:37: SetuptoolsDeprecationWarning: setup.py install is deprecated. Use build and pip and other standards-based tools.
setuptools.SetuptoolsDeprecationWarning,
running build
running build_py
creating build
creating build/lib.linux-x86_64-3.6
creating build/lib.linux-x86_64-3.6/blist
copying blist/_sorteddict.py -> build/lib.linux-x86_64-3.6/blist
copying blist/_sortedlist.py -> build/lib.linux-x86_64-3.6/blist
copying blist/_btuple.py -> build/lib.linux-x86_64-3.6/blist
copying blist/__init__.py -> build/lib.linux-x86_64-3.6/blist
running build_ext
building 'blist._blist' extension
creating build/temp.linux-x86_64-3.6
creating build/temp.linux-x86_64-3.6/blist
gcc -pthread -Wno-unused-result -Wsign-compare -DDYNAMIC_ANNOTATIONS_ENABLED=1 -DNDEBUG -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -D_GNU_SOURCE -fPIC -fwrapv -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -D_GNU_SOURCE -fPIC -fwrapv -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -D_GNU_SOURCE -fPIC -fwrapv -fPIC -DBLIST_FLOAT_RADIX_SORT=1 -I/usr/include/python3.6m -c blist/_blist.c -o build/temp.linux-x86_64-3.6/blist/_blist.o
blist/_blist.c:38:10: fatal error: Python.h: 그런 파일이나 디렉터리가 없습니다
#include <Python.h>
^~~~~~~~~~
compilation terminated.
error: command 'gcc' failed with exit status 1
----------------------------------------
ERROR: Command errored out with exit status 1: /usr/bin/python3.6 -u -c 'import io, os, sys, setuptools, tokenize; sys.argv[0] = '"'"'/tmp/pip-install-vw09qqdo/blist_5985a06eebc244dfbb6203841bf7f137/setup.py'"'"'; __file__='"'"'/tmp/pip-install-vw09qqdo/blist_5985a06eebc244dfbb6203841bf7f137/setup.py'"'"';f = getattr(tokenize, '"'"'open'"'"', open)(__file__) if os.path.exists(__file__) else io.StringIO('"'"'from setuptools import setup; setup()'"'"');code = f.read().replace('"'"'\r\n'"'"', '"'"'\n'"'"');f.close();exec(compile(code, __file__, '"'"'exec'"'"'))' install --record /tmp/pip-record-9ratp9fl/install-record.txt --single-version-externally-managed --compile --install-headers /usr/local/include/python3.6m/blist Check the logs for full command output.
[root@tmplogsvr opt]#
Install the additional build tools needed to install elastalert
[root@tmplogsvr opt]# yum install gcc libffi-devel python36-devel openssl-devel
마지막 메타자료 만료확인 1:24:43 이전인: 2023년 03월 16일 (목) 오전 09시 47분 28초.
꾸러미 gcc-8.5.0-18.el8.x86_64가 이미 설치되어 있습니다.
꾸러미 openssl-devel-1:1.1.1k-7.el8.x86_64가 이미 설치되어 있습니다.
종속성이 해결되었습니다.
======================================================================================================================================================================================================
꾸러미 구조 버전 레포지터리 크기
======================================================================================================================================================================================================
설치 중:
libffi-devel x86_64 3.1-24.el8 baseos 29 k
python36-devel x86_64 3.6.8-38.module_el8.5.0+895+a459eca8 appstream 16 k
향상 중:
openssl x86_64 1:1.1.1k-9.el8 baseos 737 k
openssl-devel x86_64 1:1.1.1k-9.el8 baseos 3.2 M
openssl-libs x86_64 1:1.1.1k-9.el8 baseos 1.5 M
종속 꾸러미 설치 중:
platform-python-devel x86_64 3.6.8-51.el8 appstream 240 k
python3-rpm-generators noarch 5-8.el8 appstream 25 k
연결 요약
======================================================================================================================================================================================================
설치 4 꾸러미
향상 3 꾸러미
총계 내려받기 크기: 5.7 M
진행 할 까요? [y/N]: y
꾸러미 내려받기 중:
(1/7): python3-rpm-generators-5-8.el8.noarch.rpm 533 kB/s | 25 kB 00:00
(2/7): python36-devel-3.6.8-38.module_el8.5.0+895+a459eca8.x86_64.rpm 189 kB/s | 16 kB 00:00
(3/7): platform-python-devel-3.6.8-51.el8.x86_64.rpm 2.6 MB/s | 240 kB 00:00
(4/7): openssl-1.1.1k-9.el8.x86_64.rpm 4.1 MB/s | 737 kB 00:00
(5/7): openssl-libs-1.1.1k-9.el8.x86_64.rpm 15 MB/s | 1.5 MB 00:00
(6/7): libffi-devel-3.1-24.el8.x86_64.rpm 59 kB/s | 29 kB 00:00
(7/7): openssl-devel-1.1.1k-9.el8.x86_64.rpm 5.3 MB/s | 3.2 MB 00:00
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
합계 2.8 MB/s | 5.7 MB 00:02
CentOS Stream 8 - AppStream 1.6 MB/s | 1.6 kB 00:00
GPG키 0x8483C65D 가져오는 중:
사용자 ID : "CentOS (CentOS Official Signing Key) <security@centos.org>"
지문: 99DB 70FA E1D7 CE22 7FB6 4882 05B5 55B3 8483 C65D
출처 : /etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
진행 할 까요? [y/N]: y
키 가져오기에 성공했습니다
연결 확인 실행 중
연결 확인에 성공했습니다.
연결 시험 실행 중
연결 시험에 성공했습니다.
연결 실행 중
준비 중 : 1/1
향상 중 : openssl-libs-1:1.1.1k-9.el8.x86_64 1/10
스크립트릿 실행 중: openssl-libs-1:1.1.1k-9.el8.x86_64 1/10
설치 중 : python3-rpm-generators-5-8.el8.noarch 2/10
설치 중 : platform-python-devel-3.6.8-51.el8.x86_64 3/10
설치 중 : python36-devel-3.6.8-38.module_el8.5.0+895+a459eca8.x86_64 4/10
스크립트릿 실행 중: python36-devel-3.6.8-38.module_el8.5.0+895+a459eca8.x86_64 4/10
향상 중 : openssl-1:1.1.1k-9.el8.x86_64 5/10
향상 중 : openssl-devel-1:1.1.1k-9.el8.x86_64 6/10
설치 중 : libffi-devel-3.1-24.el8.x86_64 7/10
스크립트릿 실행 중: libffi-devel-3.1-24.el8.x86_64 7/10
정리 : openssl-1:1.1.1k-7.el8.x86_64 8/10
정리 : openssl-devel-1:1.1.1k-7.el8.x86_64 9/10
정리 : openssl-libs-1:1.1.1k-7.el8.x86_64 10/10
스크립트릿 실행 중: openssl-libs-1:1.1.1k-7.el8.x86_64 10/10
확인 중 : platform-python-devel-3.6.8-51.el8.x86_64 1/10
확인 중 : python3-rpm-generators-5-8.el8.noarch 2/10
확인 중 : python36-devel-3.6.8-38.module_el8.5.0+895+a459eca8.x86_64 3/10
확인 중 : libffi-devel-3.1-24.el8.x86_64 4/10
확인 중 : openssl-1:1.1.1k-9.el8.x86_64 5/10
확인 중 : openssl-1:1.1.1k-7.el8.x86_64 6/10
확인 중 : openssl-devel-1:1.1.1k-9.el8.x86_64 7/10
확인 중 : openssl-devel-1:1.1.1k-7.el8.x86_64 8/10
확인 중 : openssl-libs-1:1.1.1k-9.el8.x86_64 9/10
확인 중 : openssl-libs-1:1.1.1k-7.el8.x86_64 10/10
향상되었습니다:
openssl-1:1.1.1k-9.el8.x86_64 openssl-devel-1:1.1.1k-9.el8.x86_64 openssl-libs-1:1.1.1k-9.el8.x86_64
설치되었습니다:
libffi-devel-3.1-24.el8.x86_64 platform-python-devel-3.6.8-51.el8.x86_64 python3-rpm-generators-5-8.el8.noarch python36-devel-3.6.8-38.module_el8.5.0+895+a459eca8.x86_64
완료되었습니다!
[root@tmplogsvr opt]#
Retrying the elastalert installation (succeeds)
[root@tmplogsvr opt]# pip install elastalert
Collecting elastalert
Using cached elastalert-0.2.4.tar.gz (128 kB)
Preparing metadata (setup.py) ... done
Collecting apscheduler>=3.3.0
Using cached APScheduler-3.10.1-py3-none-any.whl (59 kB)
Collecting aws-requests-auth>=0.3.0
Using cached aws_requests_auth-0.4.3-py2.py3-none-any.whl (6.8 kB)
Collecting blist>=1.3.6
Using cached blist-1.3.6.tar.gz (122 kB)
Preparing metadata (setup.py) ... done
Requirement already satisfied: boto3>=1.4.4 in /usr/local/lib/python3.6/site-packages (from elastalert) (1.23.10)
Requirement already satisfied: configparser>=3.5.0 in /usr/local/lib/python3.6/site-packages (from elastalert) (5.2.0)
Requirement already satisfied: croniter>=0.3.16 in /usr/local/lib/python3.6/site-packages (from elastalert) (1.3.8)
Requirement already satisfied: elasticsearch==7.0.0 in /usr/local/lib/python3.6/site-packages (from elastalert) (7.0.0)
Requirement already satisfied: envparse>=0.2.0 in /usr/local/lib/python3.6/site-packages (from elastalert) (0.2.0)
Requirement already satisfied: exotel>=0.1.3 in /usr/local/lib/python3.6/site-packages (from elastalert) (0.1.5)
Requirement already satisfied: jira>=2.0.0 in /usr/local/lib/python3.6/site-packages (from elastalert) (3.2.0)
Requirement already satisfied: jsonschema>=3.0.2 in /usr/local/lib/python3.6/site-packages (from elastalert) (3.2.0)
Requirement already satisfied: mock>=2.0.0 in /usr/local/lib/python3.6/site-packages (from elastalert) (5.0.1)
Requirement already satisfied: prison>=0.1.2 in /usr/local/lib/python3.6/site-packages (from elastalert) (0.2.1)
Requirement already satisfied: PyStaticConfiguration>=0.10.3 in /usr/local/lib/python3.6/site-packages (from elastalert) (0.11.1)
Requirement already satisfied: python-dateutil<2.7.0,>=2.6.0 in /usr/lib/python3.6/site-packages (from elastalert) (2.6.1)
Requirement already satisfied: PyYAML>=3.12 in /usr/lib64/python3.6/site-packages (from elastalert) (3.12)
Requirement already satisfied: requests>=2.10.0 in /usr/local/lib/python3.6/site-packages (from elastalert) (2.27.1)
Requirement already satisfied: stomp.py>=4.1.17 in /usr/local/lib/python3.6/site-packages (from elastalert) (8.1.0)
Requirement already satisfied: texttable>=0.8.8 in /usr/local/lib/python3.6/site-packages (from elastalert) (1.6.7)
Requirement already satisfied: twilio<6.1,>=6.0.0 in /usr/local/lib/python3.6/site-packages (from elastalert) (6.0.0)
Requirement already satisfied: python-magic>=0.4.15 in /usr/local/lib/python3.6/site-packages (from elastalert) (0.4.27)
Requirement already satisfied: cffi>=1.11.5 in /usr/local/lib64/python3.6/site-packages (from elastalert) (1.15.1)
Requirement already satisfied: urllib3>=1.21.1 in /usr/local/lib/python3.6/site-packages (from elasticsearch==7.0.0->elastalert) (1.26.15)
Requirement already satisfied: setuptools>=0.7 in /usr/local/lib/python3.6/site-packages (from apscheduler>=3.3.0->elastalert) (59.6.0)
Requirement already satisfied: pytz in /usr/lib/python3.6/site-packages (from apscheduler>=3.3.0->elastalert) (2017.2)
Requirement already satisfied: tzlocal!=3.*,>=2.0 in /usr/local/lib/python3.6/site-packages (from apscheduler>=3.3.0->elastalert) (4.2)
Requirement already satisfied: six>=1.4.0 in /usr/lib/python3.6/site-packages (from apscheduler>=3.3.0->elastalert) (1.11.0)
Requirement already satisfied: botocore<1.27.0,>=1.26.10 in /usr/local/lib/python3.6/site-packages (from boto3>=1.4.4->elastalert) (1.26.10)
Requirement already satisfied: s3transfer<0.6.0,>=0.5.0 in /usr/local/lib/python3.6/site-packages (from boto3>=1.4.4->elastalert) (0.5.2)
Requirement already satisfied: jmespath<2.0.0,>=0.7.1 in /usr/local/lib/python3.6/site-packages (from boto3>=1.4.4->elastalert) (0.10.0)
Requirement already satisfied: pycparser in /usr/local/lib/python3.6/site-packages (from cffi>=1.11.5->elastalert) (2.21)
Requirement already satisfied: requests-oauthlib>=1.1.0 in /usr/local/lib/python3.6/site-packages (from jira>=2.0.0->elastalert) (1.3.1)
Requirement already satisfied: keyring in /usr/local/lib/python3.6/site-packages (from jira>=2.0.0->elastalert) (23.4.1)
Requirement already satisfied: requests-toolbelt in /usr/local/lib/python3.6/site-packages (from jira>=2.0.0->elastalert) (0.10.1)
Requirement already satisfied: typing-extensions>=3.7.4.2 in /usr/local/lib/python3.6/site-packages (from jira>=2.0.0->elastalert) (4.1.1)
Requirement already satisfied: defusedxml in /usr/local/lib/python3.6/site-packages (from jira>=2.0.0->elastalert) (0.7.1)
Requirement already satisfied: pyrsistent>=0.14.0 in /usr/local/lib64/python3.6/site-packages (from jsonschema>=3.0.2->elastalert) (0.18.0)
Requirement already satisfied: importlib-metadata in /usr/local/lib/python3.6/site-packages (from jsonschema>=3.0.2->elastalert) (4.8.3)
Requirement already satisfied: attrs>=17.4.0 in /usr/local/lib/python3.6/site-packages (from jsonschema>=3.0.2->elastalert) (22.2.0)
Requirement already satisfied: charset-normalizer~=2.0.0 in /usr/local/lib/python3.6/site-packages (from requests>=2.10.0->elastalert) (2.0.12)
Requirement already satisfied: certifi>=2017.4.17 in /usr/local/lib/python3.6/site-packages (from requests>=2.10.0->elastalert) (2022.12.7)
Requirement already satisfied: idna<4,>=2.5 in /usr/lib/python3.6/site-packages (from requests>=2.10.0->elastalert) (2.5)
Requirement already satisfied: websocket-client<2.0.0,>=1.2.3 in /usr/local/lib/python3.6/site-packages (from stomp.py>=4.1.17->elastalert) (1.3.1)
Requirement already satisfied: docopt<0.7.0,>=0.6.2 in /usr/local/lib/python3.6/site-packages (from stomp.py>=4.1.17->elastalert) (0.6.2)
Requirement already satisfied: PyJWT>=1.4.2 in /usr/local/lib/python3.6/site-packages (from twilio<6.1,>=6.0.0->elastalert) (2.4.0)
Requirement already satisfied: pysocks in /usr/lib/python3.6/site-packages (from twilio<6.1,>=6.0.0->elastalert) (1.6.8)
Requirement already satisfied: oauthlib>=3.0.0 in /usr/local/lib/python3.6/site-packages (from requests-oauthlib>=1.1.0->jira>=2.0.0->elastalert) (3.2.2)
Requirement already satisfied: pytz-deprecation-shim in /usr/local/lib/python3.6/site-packages (from tzlocal!=3.*,>=2.0->apscheduler>=3.3.0->elastalert) (0.1.0.post0)
Requirement already satisfied: backports.zoneinfo in /usr/local/lib64/python3.6/site-packages (from tzlocal!=3.*,>=2.0->apscheduler>=3.3.0->elastalert) (0.2.1)
Requirement already satisfied: zipp>=0.5 in /usr/local/lib/python3.6/site-packages (from importlib-metadata->jsonschema>=3.0.2->elastalert) (3.6.0)
Requirement already satisfied: SecretStorage>=3.2 in /usr/local/lib/python3.6/site-packages (from keyring->jira>=2.0.0->elastalert) (3.3.3)
Requirement already satisfied: jeepney>=0.4.2 in /usr/local/lib/python3.6/site-packages (from keyring->jira>=2.0.0->elastalert) (0.7.1)
Requirement already satisfied: cryptography>=2.0 in /usr/local/lib64/python3.6/site-packages (from SecretStorage>=3.2->keyring->jira>=2.0.0->elastalert) (39.0.2)
Requirement already satisfied: importlib-resources in /usr/local/lib/python3.6/site-packages (from backports.zoneinfo->tzlocal!=3.*,>=2.0->apscheduler>=3.3.0->elastalert) (5.4.0)
Requirement already satisfied: tzdata in /usr/local/lib/python3.6/site-packages (from pytz-deprecation-shim->tzlocal!=3.*,>=2.0->apscheduler>=3.3.0->elastalert) (2022.7)
Using legacy 'setup.py install' for elastalert, since package 'wheel' is not installed.
Using legacy 'setup.py install' for blist, since package 'wheel' is not installed.
Installing collected packages: blist, aws-requests-auth, apscheduler, elastalert
Running setup.py install for blist ... done
Running setup.py install for elastalert ... done
Successfully installed apscheduler-3.10.1 aws-requests-auth-0.4.3 blist-1.3.6 elastalert-0.2.4
WARNING: Running pip as the 'root' user can result in broken permissions and conflicting behaviour with the system package manager. It is recommended to use a virtual environment instead: https://pip.pypa.io/warnings/venv
[root@tmplogsvr opt]#
Installing the elastalert components, then deleting the folder
[root@tmplogsvr ~]# cd /opt
[root@tmplogsvr opt]# git clone https://github.com/Yelp/elastalert.git
'elastalert'에 복제합니다...
remote: Enumerating objects: 11518, done.
remote: Total 11518 (delta 0), reused 0 (delta 0), pack-reused 11518
오브젝트를 받는 중: 100% (11518/11518), 3.61 MiB | 31.89 MiB/s, 완료.
델타를 알아내는 중: 100% (7978/7978), 완료.
[root@tmplogsvr opt]# ls -al
합계 12
drwxr-xr-x. 3 root root 4096 3월 16 11:37 .
dr-xr-xr-x. 18 root root 4096 3월 15 14:16 ..
drwxr-xr-x. 7 root root 4096 3월 16 11:37 elastalert
[root@tmplogsvr opt]# cd elastalert/
[root@tmplogsvr elastalert]# ls -al
합계 132
drwxr-xr-x. 7 root root 4096 3월 16 11:37 .
drwxr-xr-x. 3 root root 4096 3월 16 11:37 ..
-rw-r--r--. 1 root root 216 3월 16 11:37 .editorconfig
drwxr-xr-x. 8 root root 4096 3월 16 11:37 .git
-rw-r--r--. 1 root root 160 3월 16 11:37 .gitignore
-rw-r--r--. 1 root root 718 3월 16 11:37 .pre-commit-config.yaml
-rw-r--r--. 1 root root 574 3월 16 11:37 .secrets.baseline
-rw-r--r--. 1 root root 1262 3월 16 11:37 .travis.yml
-rw-r--r--. 1 root root 244 3월 16 11:37 Dockerfile-test
-rw-r--r--. 1 root root 11359 3월 16 11:37 LICENSE
-rw-r--r--. 1 root root 528 3월 16 11:37 Makefile
-rw-r--r--. 1 root root 16197 3월 16 11:37 README.md
-rw-r--r--. 1 root root 11649 3월 16 11:37 changelog.md
-rw-r--r--. 1 root root 3321 3월 16 11:37 config.yaml.example
-rw-r--r--. 1 root root 261 3월 16 11:37 docker-compose.yml
drwxr-xr-x. 3 root root 4096 3월 16 11:37 docs
drwxr-xr-x. 3 root root 4096 3월 16 11:37 elastalert
drwxr-xr-x. 2 root root 4096 3월 16 11:37 example_rules
-rw-r--r--. 1 root root 74 3월 16 11:37 pytest.ini
-rw-r--r--. 1 root root 114 3월 16 11:37 requirements-dev.txt
-rw-r--r--. 1 root root 389 3월 16 11:37 requirements.txt
-rw-r--r--. 1 root root 100 3월 16 11:37 setup.cfg
-rw-r--r--. 1 root root 1659 3월 16 11:37 setup.py
-rw-r--r--. 1 root root 780 3월 16 11:37 supervisord.conf.example
drwxr-xr-x. 2 root root 4096 3월 16 11:37 tests
-rw-r--r--. 1 root root 609 3월 16 11:37 tox.ini
[root@tmplogsvr elastalert]# pip install -r ./requirements.txt
Requirement already satisfied: apscheduler>=3.3.0 in /usr/local/lib/python3.6/site-packages (from -r ./requirements.txt (line 1)) (3.10.1)
Requirement already satisfied: aws-requests-auth>=0.3.0 in /usr/local/lib/python3.6/site-packages (from -r ./requirements.txt (line 2)) (0.4.3)
Requirement already satisfied: blist>=1.3.6 in /usr/local/lib64/python3.6/site-packages (from -r ./requirements.txt (line 3)) (1.3.6)
Requirement already satisfied: boto3>=1.4.4 in /usr/local/lib/python3.6/site-packages (from -r ./requirements.txt (line 4)) (1.23.10)
Requirement already satisfied: cffi>=1.11.5 in /usr/local/lib64/python3.6/site-packages (from -r ./requirements.txt (line 5)) (1.15.1)
Requirement already satisfied: configparser>=3.5.0 in /usr/local/lib/python3.6/site-packages (from -r ./requirements.txt (line 6)) (5.2.0)
Requirement already satisfied: croniter>=0.3.16 in /usr/local/lib/python3.6/site-packages (from -r ./requirements.txt (line 7)) (1.3.8)
Requirement already satisfied: elasticsearch>=7.0.0 in /usr/local/lib/python3.6/site-packages (from -r ./requirements.txt (line 8)) (7.0.0)
Requirement already satisfied: envparse>=0.2.0 in /usr/local/lib/python3.6/site-packages (from -r ./requirements.txt (line 9)) (0.2.0)
Requirement already satisfied: exotel>=0.1.3 in /usr/local/lib/python3.6/site-packages (from -r ./requirements.txt (line 10)) (0.1.5)
Collecting jira<1.0.15,>=1.0.10
Downloading jira-1.0.14-py2.py3-none-any.whl (95 kB)
|████████████████████████████████| 95 kB 9.4 MB/s
Requirement already satisfied: jsonschema>=3.0.2 in /usr/local/lib/python3.6/site-packages (from -r ./requirements.txt (line 12)) (3.2.0)
Requirement already satisfied: mock>=2.0.0 in /usr/local/lib/python3.6/site-packages (from -r ./requirements.txt (line 13)) (5.0.1)
Requirement already satisfied: prison>=0.1.2 in /usr/local/lib/python3.6/site-packages (from -r ./requirements.txt (line 14)) (0.2.1)
Collecting py-zabbix==1.1.3
Downloading py_zabbix-1.1.3-py2.py3-none-any.whl (12 kB)
Requirement already satisfied: PyStaticConfiguration>=0.10.3 in /usr/local/lib/python3.6/site-packages (from -r ./requirements.txt (line 16)) (0.11.1)
Requirement already satisfied: python-dateutil<2.7.0,>=2.6.0 in /usr/lib/python3.6/site-packages (from -r ./requirements.txt (line 17)) (2.6.1)
Collecting PyYAML>=5.1
Using cached PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB)
Requirement already satisfied: requests>=2.0.0 in /usr/local/lib/python3.6/site-packages (from -r ./requirements.txt (line 19)) (2.27.1)
Requirement already satisfied: stomp.py>=4.1.17 in /usr/local/lib/python3.6/site-packages (from -r ./requirements.txt (line 20)) (8.1.0)
Requirement already satisfied: texttable>=0.8.8 in /usr/local/lib/python3.6/site-packages (from -r ./requirements.txt (line 21)) (1.6.7)
Requirement already satisfied: twilio==6.0.0 in /usr/local/lib/python3.6/site-packages (from -r ./requirements.txt (line 22)) (6.0.0)
Requirement already satisfied: six in /usr/lib/python3.6/site-packages (from twilio==6.0.0->-r ./requirements.txt (line 22)) (1.11.0)
Requirement already satisfied: pytz in /usr/lib/python3.6/site-packages (from twilio==6.0.0->-r ./requirements.txt (line 22)) (2017.2)
Requirement already satisfied: PyJWT>=1.4.2 in /usr/local/lib/python3.6/site-packages (from twilio==6.0.0->-r ./requirements.txt (line 22)) (2.4.0)
Requirement already satisfied: pysocks in /usr/lib/python3.6/site-packages (from twilio==6.0.0->-r ./requirements.txt (line 22)) (1.6.8)
Requirement already satisfied: tzlocal!=3.*,>=2.0 in /usr/local/lib/python3.6/site-packages (from apscheduler>=3.3.0->-r ./requirements.txt (line 1)) (4.2)
Requirement already satisfied: setuptools>=0.7 in /usr/local/lib/python3.6/site-packages (from apscheduler>=3.3.0->-r ./requirements.txt (line 1)) (59.6.0)
Requirement already satisfied: s3transfer<0.6.0,>=0.5.0 in /usr/local/lib/python3.6/site-packages (from boto3>=1.4.4->-r ./requirements.txt (line 4)) (0.5.2)
Requirement already satisfied: botocore<1.27.0,>=1.26.10 in /usr/local/lib/python3.6/site-packages (from boto3>=1.4.4->-r ./requirements.txt (line 4)) (1.26.10)
Requirement already satisfied: jmespath<2.0.0,>=0.7.1 in /usr/local/lib/python3.6/site-packages (from boto3>=1.4.4->-r ./requirements.txt (line 4)) (0.10.0)
Requirement already satisfied: pycparser in /usr/local/lib/python3.6/site-packages (from cffi>=1.11.5->-r ./requirements.txt (line 5)) (2.21)
Requirement already satisfied: urllib3>=1.21.1 in /usr/local/lib/python3.6/site-packages (from elasticsearch>=7.0.0->-r ./requirements.txt (line 8)) (1.26.15)
Requirement already satisfied: defusedxml in /usr/local/lib/python3.6/site-packages (from jira<1.0.15,>=1.0.10->-r ./requirements.txt (line 11)) (0.7.1)
Requirement already satisfied: requests-oauthlib>=0.6.1 in /usr/local/lib/python3.6/site-packages (from jira<1.0.15,>=1.0.10->-r ./requirements.txt (line 11)) (1.3.1)
Collecting pbr>=3.0.0
Downloading pbr-5.11.1-py2.py3-none-any.whl (112 kB)
|████████████████████████████████| 112 kB 80.8 MB/s
Requirement already satisfied: requests-toolbelt in /usr/local/lib/python3.6/site-packages (from jira<1.0.15,>=1.0.10->-r ./requirements.txt (line 11)) (0.10.1)
Requirement already satisfied: attrs>=17.4.0 in /usr/local/lib/python3.6/site-packages (from jsonschema>=3.0.2->-r ./requirements.txt (line 12)) (22.2.0)
Requirement already satisfied: pyrsistent>=0.14.0 in /usr/local/lib64/python3.6/site-packages (from jsonschema>=3.0.2->-r ./requirements.txt (line 12)) (0.18.0)
Requirement already satisfied: importlib-metadata in /usr/local/lib/python3.6/site-packages (from jsonschema>=3.0.2->-r ./requirements.txt (line 12)) (4.8.3)
Requirement already satisfied: typing-extensions in /usr/local/lib/python3.6/site-packages (from PyStaticConfiguration>=0.10.3->-r ./requirements.txt (line 16)) (4.1.1)
Requirement already satisfied: certifi>=2017.4.17 in /usr/local/lib/python3.6/site-packages (from requests>=2.0.0->-r ./requirements.txt (line 19)) (2022.12.7)
Requirement already satisfied: charset-normalizer~=2.0.0 in /usr/local/lib/python3.6/site-packages (from requests>=2.0.0->-r ./requirements.txt (line 19)) (2.0.12)
Requirement already satisfied: idna<4,>=2.5 in /usr/lib/python3.6/site-packages (from requests>=2.0.0->-r ./requirements.txt (line 19)) (2.5)
Requirement already satisfied: websocket-client<2.0.0,>=1.2.3 in /usr/local/lib/python3.6/site-packages (from stomp.py>=4.1.17->-r ./requirements.txt (line 20)) (1.3.1)
Requirement already satisfied: docopt<0.7.0,>=0.6.2 in /usr/local/lib/python3.6/site-packages (from stomp.py>=4.1.17->-r ./requirements.txt (line 20)) (0.6.2)
Requirement already satisfied: oauthlib>=3.0.0 in /usr/local/lib/python3.6/site-packages (from requests-oauthlib>=0.6.1->jira<1.0.15,>=1.0.10->-r ./requirements.txt (line 11)) (3.2.2)
Requirement already satisfied: backports.zoneinfo in /usr/local/lib64/python3.6/site-packages (from tzlocal!=3.*,>=2.0->apscheduler>=3.3.0->-r ./requirements.txt (line 1)) (0.2.1)
Requirement already satisfied: pytz-deprecation-shim in /usr/local/lib/python3.6/site-packages (from tzlocal!=3.*,>=2.0->apscheduler>=3.3.0->-r ./requirements.txt (line 1)) (0.1.0.post0)
Requirement already satisfied: zipp>=0.5 in /usr/local/lib/python3.6/site-packages (from importlib-metadata->jsonschema>=3.0.2->-r ./requirements.txt (line 12)) (3.6.0)
Requirement already satisfied: importlib-resources in /usr/local/lib/python3.6/site-packages (from backports.zoneinfo->tzlocal!=3.*,>=2.0->apscheduler>=3.3.0->-r ./requirements.txt (line 1)) (5.4.0)
Requirement already satisfied: tzdata in /usr/local/lib/python3.6/site-packages (from pytz-deprecation-shim->tzlocal!=3.*,>=2.0->apscheduler>=3.3.0->-r ./requirements.txt (line 1)) (2022.7)
Installing collected packages: pbr, PyYAML, py-zabbix, jira
Attempting uninstall: PyYAML
Found existing installation: PyYAML 3.12
ERROR: Cannot uninstall 'PyYAML'. It is a distutils installed project and thus we cannot accurately determine which files belong to it which would lead to only a partial uninstall.
[root@tmplogsvr elastalert]# pip install --ignore-installed PyYAML -r requirements.txt
Collecting PyYAML
Using cached PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB)
Collecting apscheduler>=3.3.0
Using cached APScheduler-3.10.1-py3-none-any.whl (59 kB)
Collecting aws-requests-auth>=0.3.0
Using cached aws_requests_auth-0.4.3-py2.py3-none-any.whl (6.8 kB)
Collecting blist>=1.3.6
Using cached blist-1.3.6.tar.gz (122 kB)
Preparing metadata (setup.py) ... done
Collecting boto3>=1.4.4
Using cached boto3-1.23.10-py3-none-any.whl (132 kB)
Collecting cffi>=1.11.5
Using cached cffi-1.15.1-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (402 kB)
Collecting configparser>=3.5.0
Using cached configparser-5.2.0-py3-none-any.whl (19 kB)
Collecting croniter>=0.3.16
Using cached croniter-1.3.8-py2.py3-none-any.whl (18 kB)
Collecting elasticsearch>=7.0.0
Downloading elasticsearch-8.6.2-py3-none-any.whl (385 kB)
|████████████████████████████████| 385 kB 19.2 MB/s
Collecting envparse>=0.2.0
Using cached envparse-0.2.0.tar.gz (7.6 kB)
Preparing metadata (setup.py) ... done
Collecting exotel>=0.1.3
Using cached exotel-0.1.5.tar.gz (2.2 kB)
Preparing metadata (setup.py) ... done
Collecting jira<1.0.15,>=1.0.10
Using cached jira-1.0.14-py2.py3-none-any.whl (95 kB)
Collecting jsonschema>=3.0.2
Using cached jsonschema-3.2.0-py2.py3-none-any.whl (56 kB)
Collecting mock>=2.0.0
Using cached mock-5.0.1-py3-none-any.whl (30 kB)
Collecting prison>=0.1.2
Using cached prison-0.2.1-py2.py3-none-any.whl (5.8 kB)
Collecting py-zabbix==1.1.3
Using cached py_zabbix-1.1.3-py2.py3-none-any.whl (12 kB)
Collecting PyStaticConfiguration>=0.10.3
Using cached PyStaticConfiguration-0.11.1-py3-none-any.whl (27 kB)
Collecting python-dateutil<2.7.0,>=2.6.0
Downloading python_dateutil-2.6.1-py2.py3-none-any.whl (194 kB)
|████████████████████████████████| 194 kB 60.7 MB/s
Collecting requests>=2.0.0
Using cached requests-2.27.1-py2.py3-none-any.whl (63 kB)
Collecting stomp.py>=4.1.17
Using cached stomp.py-8.1.0-py3-none-any.whl (42 kB)
Collecting texttable>=0.8.8
Using cached texttable-1.6.7-py2.py3-none-any.whl (10 kB)
Collecting twilio==6.0.0
Using cached twilio-6.0.0.tar.gz (304 kB)
Preparing metadata (setup.py) ... done
Collecting six
Downloading six-1.16.0-py2.py3-none-any.whl (11 kB)
Collecting pytz
Downloading pytz-2022.7.1-py2.py3-none-any.whl (499 kB)
|████████████████████████████████| 499 kB 68.4 MB/s
Collecting PyJWT>=1.4.2
Using cached PyJWT-2.4.0-py3-none-any.whl (18 kB)
Collecting pysocks
Downloading PySocks-1.7.1-py3-none-any.whl (16 kB)
Collecting tzlocal!=3.*,>=2.0
Using cached tzlocal-4.2-py3-none-any.whl (19 kB)
Collecting setuptools>=0.7
Using cached setuptools-59.6.0-py3-none-any.whl (952 kB)
Collecting s3transfer<0.6.0,>=0.5.0
Using cached s3transfer-0.5.2-py3-none-any.whl (79 kB)
Collecting jmespath<2.0.0,>=0.7.1
Using cached jmespath-0.10.0-py2.py3-none-any.whl (24 kB)
Collecting botocore<1.27.0,>=1.26.10
Using cached botocore-1.26.10-py3-none-any.whl (8.8 MB)
Collecting pycparser
Using cached pycparser-2.21-py2.py3-none-any.whl (118 kB)
Collecting elastic-transport<9,>=8
Downloading elastic_transport-8.4.0-py3-none-any.whl (59 kB)
|████████████████████████████████| 59 kB 20.2 MB/s
Collecting pbr>=3.0.0
Using cached pbr-5.11.1-py2.py3-none-any.whl (112 kB)
Collecting defusedxml
Using cached defusedxml-0.7.1-py2.py3-none-any.whl (25 kB)
Collecting requests-toolbelt
Using cached requests_toolbelt-0.10.1-py2.py3-none-any.whl (54 kB)
Collecting requests-oauthlib>=0.6.1
Using cached requests_oauthlib-1.3.1-py2.py3-none-any.whl (23 kB)
Collecting importlib-metadata
Using cached importlib_metadata-4.8.3-py3-none-any.whl (17 kB)
Collecting pyrsistent>=0.14.0
Using cached pyrsistent-0.18.0-cp36-cp36m-manylinux1_x86_64.whl (117 kB)
Collecting attrs>=17.4.0
Using cached attrs-22.2.0-py3-none-any.whl (60 kB)
Collecting typing-extensions
Using cached typing_extensions-4.1.1-py3-none-any.whl (26 kB)
Collecting urllib3<1.27,>=1.21.1
Using cached urllib3-1.26.15-py2.py3-none-any.whl (140 kB)
Collecting idna<4,>=2.5
Downloading idna-3.4-py3-none-any.whl (61 kB)
|████████████████████████████████| 61 kB 338 kB/s
Collecting certifi>=2017.4.17
Using cached certifi-2022.12.7-py3-none-any.whl (155 kB)
Collecting charset-normalizer~=2.0.0
Using cached charset_normalizer-2.0.12-py3-none-any.whl (39 kB)
Collecting docopt<0.7.0,>=0.6.2
Using cached docopt-0.6.2.tar.gz (25 kB)
Preparing metadata (setup.py) ... done
Collecting websocket-client<2.0.0,>=1.2.3
Using cached websocket_client-1.3.1-py3-none-any.whl (54 kB)
Collecting dataclasses
Downloading dataclasses-0.8-py3-none-any.whl (19 kB)
Collecting oauthlib>=3.0.0
Using cached oauthlib-3.2.2-py3-none-any.whl (151 kB)
Collecting pytz-deprecation-shim
Using cached pytz_deprecation_shim-0.1.0.post0-py2.py3-none-any.whl (15 kB)
Collecting backports.zoneinfo
Using cached backports.zoneinfo-0.2.1-cp36-cp36m-manylinux1_x86_64.whl (70 kB)
Collecting zipp>=0.5
Using cached zipp-3.6.0-py3-none-any.whl (5.3 kB)
Collecting importlib-resources
Using cached importlib_resources-5.4.0-py3-none-any.whl (28 kB)
Collecting tzdata
Using cached tzdata-2022.7-py2.py3-none-any.whl (340 kB)
Using legacy 'setup.py install' for twilio, since package 'wheel' is not installed.
Using legacy 'setup.py install' for blist, since package 'wheel' is not installed.
Using legacy 'setup.py install' for envparse, since package 'wheel' is not installed.
Using legacy 'setup.py install' for exotel, since package 'wheel' is not installed.
Using legacy 'setup.py install' for docopt, since package 'wheel' is not installed.
Installing collected packages: zipp, six, importlib-resources, urllib3, tzdata, python-dateutil, jmespath, idna, charset-normalizer, certifi, backports.zoneinfo, typing-extensions, requests, pytz-deprecation-shim, oauthlib, dataclasses, botocore, websocket-client, tzlocal, setuptools, s3transfer, requests-toolbelt, requests-oauthlib, pytz, pysocks, pyrsistent, PyJWT, pycparser, pbr, importlib-metadata, elastic-transport, docopt, defusedxml, attrs, twilio, texttable, stomp.py, PyYAML, PyStaticConfiguration, py-zabbix, prison, mock, jsonschema, jira, exotel, envparse, elasticsearch, croniter, configparser, cffi, boto3, blist, aws-requests-auth, apscheduler
Running setup.py install for docopt ... done
Running setup.py install for twilio ... done
Running setup.py install for exotel ... done
Running setup.py install for envparse ... done
Running setup.py install for blist ... done
ERROR: pip's dependency resolver does not currently take into account all the packages that are installed. This behaviour is the source of the following dependency conflicts.
elastalert 0.2.4 requires elasticsearch==7.0.0, but you have elasticsearch 8.6.2 which is incompatible.
elastalert 0.2.4 requires jira>=2.0.0, but you have jira 1.0.14 which is incompatible.
Successfully installed PyJWT-2.4.0 PyStaticConfiguration-0.11.1 PyYAML-6.0 apscheduler-3.10.1 attrs-22.2.0 aws-requests-auth-0.4.3 backports.zoneinfo-0.2.1 blist-1.3.6 boto3-1.23.10 botocore-1.26.10 certifi-2022.12.7 cffi-1.15.1 charset-normalizer-2.0.12 configparser-5.2.0 croniter-1.3.8 dataclasses-0.8 defusedxml-0.7.1 docopt-0.6.2 elastic-transport-8.4.0 elasticsearch-8.6.2 envparse-0.2.0 exotel-0.1.5 idna-3.4 importlib-metadata-4.8.3 importlib-resources-5.4.0 jira-3.2.0 jmespath-0.10.0 jsonschema-3.2.0 mock-5.0.1 oauthlib-3.2.2 pbr-5.11.1 prison-0.2.1 py-zabbix-1.1.3 pycparser-2.21 pyrsistent-0.18.0 pysocks-1.7.1 python-dateutil-2.6.1 pytz-2022.7.1 pytz-deprecation-shim-0.1.0.post0 requests-2.27.1 requests-oauthlib-1.3.1 requests-toolbelt-0.10.1 s3transfer-0.5.2 setuptools-59.6.0 six-1.16.0 stomp.py-8.1.0 texttable-1.6.7 twilio-6.0.0 typing-extensions-4.1.1 tzdata-2022.7 tzlocal-4.2 urllib3-1.26.15 websocket-client-1.3.1 zipp-3.6.0
WARNING: Running pip as the 'root' user can result in broken permissions and conflicting behaviour with the system package manager. It is recommended to use a virtual environment instead: https://pip.pypa.io/warnings/venv
[root@tmplogsvr elastalert]#
[root@tmplogsvr elastalert]# cd ..
[root@tmplogsvr opt]# rm -rf ./elastalert/
Installing the bitsensor build of elastalert
- Purpose: this is the version required to run elastalert from Kibana
[root@tmplogsvr opt]# git clone https://github.com/bitsensor/elastalert.git && cd elastalert
'elastalert'에 복제합니다...
remote: Enumerating objects: 1473, done.
remote: Total 1473 (delta 0), reused 0 (delta 0), pack-reused 1473
오브젝트를 받는 중: 100% (1473/1473), 287.83 KiB | 11.99 MiB/s, 완료.
델타를 알아내는 중: 100% (813/813), 완료.
[root@tmplogsvr elastalert]#
Installing npm
[root@tmplogsvr elastalert]# yum install npm
마지막 메타자료 만료확인 1:39:50 이전인: 2023년 03월 16일 (목) 오전 09시 47분 28초.
종속성이 해결되었습니다.
======================================================================================================================================================================================================
꾸러미 구조 버전 레포지터리 크기
======================================================================================================================================================================================================
설치 중:
npm x86_64 1:6.14.10-1.10.23.1.1.module_el8.4.0+645+9ce14ba2 appstream 3.7 M
종속 꾸러미 설치 중:
nodejs x86_64 1:10.23.1-1.module_el8.4.0+645+9ce14ba2 appstream 8.9 M
취약한 종속 꾸러미 설치 중:
nodejs-full-i18n x86_64 1:10.23.1-1.module_el8.4.0+645+9ce14ba2 appstream 7.3 M
모듈 스트림 활성화:
nodejs 10
연결 요약
======================================================================================================================================================================================================
설치 3 꾸러미
총계 내려받기 크기: 20 M
설치된 크기 : 71 M
진행 할 까요? [y/N]: y
꾸러미 내려받기 중:
(1/3): npm-6.14.10-1.10.23.1.1.module_el8.4.0+645+9ce14ba2.x86_64.rpm 7.4 MB/s | 3.7 MB 00:00
(2/3): nodejs-full-i18n-10.23.1-1.module_el8.4.0+645+9ce14ba2.x86_64.rpm 6.3 MB/s | 7.3 MB 00:01
(3/3): nodejs-10.23.1-1.module_el8.4.0+645+9ce14ba2.x86_64.rpm 7.4 MB/s | 8.9 MB 00:01
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
합계 10 MB/s | 20 MB 00:01
연결 확인 실행 중
연결 확인에 성공했습니다.
연결 시험 실행 중
연결 시험에 성공했습니다.
연결 실행 중
스크립트릿 실행 중: npm-1:6.14.10-1.10.23.1.1.module_el8.4.0+645+9ce14ba2.x86_64 1/1
준비 중 : 1/1
설치 중 : nodejs-full-i18n-1:10.23.1-1.module_el8.4.0+645+9ce14ba2.x86_64 1/3
설치 중 : npm-1:6.14.10-1.10.23.1.1.module_el8.4.0+645+9ce14ba2.x86_64 2/3
설치 중 : nodejs-1:10.23.1-1.module_el8.4.0+645+9ce14ba2.x86_64 3/3
스크립트릿 실행 중: nodejs-1:10.23.1-1.module_el8.4.0+645+9ce14ba2.x86_64 3/3
확인 중 : nodejs-1:10.23.1-1.module_el8.4.0+645+9ce14ba2.x86_64 1/3
확인 중 : nodejs-full-i18n-1:10.23.1-1.module_el8.4.0+645+9ce14ba2.x86_64 2/3
확인 중 : npm-1:6.14.10-1.10.23.1.1.module_el8.4.0+645+9ce14ba2.x86_64 3/3
설치되었습니다:
nodejs-1:10.23.1-1.module_el8.4.0+645+9ce14ba2.x86_64 nodejs-full-i18n-1:10.23.1-1.module_el8.4.0+645+9ce14ba2.x86_64 npm-1:6.14.10-1.10.23.1.1.module_el8.4.0+645+9ce14ba2.x86_64
완료되었습니다!
[root@tmplogsvr elastalert]#
npm start error 1 and its fix
[root@tmplogsvr elastalert]# npm start
> @bitsensor/elastalert@3.0.0-beta.0 start /opt/elastalert
> sh ./scripts/start.sh
./scripts/start.sh: line 3: ./node_modules/.bin/bunyan: 그런 파일이나 디렉터리가 없습니다
internal/modules/cjs/loader.js:638
throw err;
^
Error: Cannot find module 'babel-register'
at Function.Module._resolveFilename (internal/modules/cjs/loader.js:636:15)
at Function.Module._load (internal/modules/cjs/loader.js:562:25)
at Module.require (internal/modules/cjs/loader.js:692:17)
at require (internal/modules/cjs/helpers.js:25:18)
at Object.<anonymous> (/opt/elastalert/index.js:1:1)
at Module._compile (internal/modules/cjs/loader.js:778:30)
at Object.Module._extensions..js (internal/modules/cjs/loader.js:789:10)
at Module.load (internal/modules/cjs/loader.js:653:32)
at tryModuleLoad (internal/modules/cjs/loader.js:593:12)
at Function.Module._load (internal/modules/cjs/loader.js:585:3)
npm ERR! code ELIFECYCLE
npm ERR! syscall spawn
npm ERR! file sh
npm ERR! errno ENOENT
npm ERR! @bitsensor/elastalert@3.0.0-beta.0 start: `sh ./scripts/start.sh`
npm ERR! spawn ENOENT
npm ERR!
npm ERR! Failed at the @bitsensor/elastalert@3.0.0-beta.0 start script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.
npm WARN Local package.json exists, but node_modules missing, did you mean to install?
npm ERR! A complete log of this run can be found in:
npm ERR! /root/.npm/_logs/2023-03-16T02_32_07_479Z-debug.log
[root@tmplogsvr elastalert]#
[root@tmplogsvr elastalert]# npm install bunyan
> dtrace-provider@0.8.8 install /opt/elastalert/node_modules/dtrace-provider
> node-gyp rebuild || node suppress-error.js
make: 디렉터리 '/opt/elastalert/node_modules/dtrace-provider/build' 들어감
TOUCH Release/obj.target/DTraceProviderStub.stamp
make: 디렉터리 '/opt/elastalert/node_modules/dtrace-provider/build' 나감
npm notice created a lockfile as package-lock.json. You should commit this file.
+ bunyan@1.8.15
added 20 packages from 23 contributors and audited 20 packages in 2.499s
1 package is looking for funding
run `npm fund` for details
found 0 vulnerabilities
[root@tmplogsvr elastalert]# npm install babel-register --save-dev
npm WARN deprecated core-js@2.6.12: core-js@<3.23.3 is no longer maintained and not recommended for usage due to the number of issues. Because of the V8 engine whims, feature detection in old core-js versions could cause a slowdown up to 100x even if nothing is polyfilled. Some versions have web compatibility issues. Please, upgrade your dependencies to the actual version of core-js.
> core-js@2.6.12 postinstall /opt/elastalert/node_modules/core-js
> node -e "try{require('./postinstall')}catch(e){}"
Thank you for using core-js ( https://github.com/zloirock/core-js ) for polyfilling JavaScript standard library!
The project needs your help! Please consider supporting of core-js on Open Collective or Patreon:
> https://opencollective.com/core-js
> https://www.patreon.com/zloirock
Also, the author of core-js ( https://github.com/zloirock ) is looking for a good job -)
npm notice save babel-register is being moved from dependencies to devDependencies
npm WARN @babel/register@7.21.0 requires a peer of @babel/core@^7.0.0-0 but none is installed. You must install peer dependencies yourself.
+ babel-register@6.26.0
added 51 packages from 53 contributors and audited 93 packages in 1.83s
3 packages are looking for funding
run `npm fund` for details
found 1 high severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details
[root@tmplogsvr elastalert]#
npm run error 2 and fix
[root@tmplogsvr elastalert]# npm start
> @bitsensor/elastalert@3.0.0-beta.0 start /opt/elastalert
> sh ./scripts/start.sh
/opt/elastalert/node_modules/babel-core/lib/transformation/file/options/option-manager.js:328
throw e;
^
Error: Couldnt find preset "es2015" relative to directory "/opt/elastalert"
at /opt/elastalert/node_modules/babel-core/lib/transformation/file/options/option-manager.js:293:19
at Array.map (<anonymous>)
at OptionManager.resolvePresets (/opt/elastalert/node_modules/babel-core/lib/transformation/file/options/option-manager.js:275:20)
at OptionManager.mergePresets (/opt/elastalert/node_modules/babel-core/lib/transformation/file/options/option-manager.js:264:10)
at OptionManager.mergeOptions (/opt/elastalert/node_modules/babel-core/lib/transformation/file/options/option-manager.js:249:14)
at OptionManager.init (/opt/elastalert/node_modules/babel-core/lib/transformation/file/options/option-manager.js:368:12)
at compile (/opt/elastalert/node_modules/babel-register/lib/node.js:103:45)
at loader (/opt/elastalert/node_modules/babel-register/lib/node.js:144:14)
at Object.require.extensions.(anonymous function) [as .js] (/opt/elastalert/node_modules/babel-register/lib/node.js:154:7)
at Module.load (internal/modules/cjs/loader.js:653:32)
[root@tmplogsvr elastalert]# npm install babel-preset-es2015
npm WARN deprecated babel-preset-es2015@6.24.1: 🙌 Thanks for using Babel: we recommend using babel-preset-env now: please read https://babeljs.io/env to update!
npm WARN @babel/register@7.21.0 requires a peer of @babel/core@^7.0.0-0 but none is installed. You must install peer dependencies yourself.
+ babel-preset-es2015@6.24.1
added 43 packages from 8 contributors and audited 136 packages in 2.904s
3 packages are looking for funding
run `npm fund` for details
found 1 high severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details
[root@tmplogsvr elastalert]# npm start
> @bitsensor/elastalert@3.0.0-beta.0 start /opt/elastalert
> sh ./scripts/start.sh
internal/modules/cjs/loader.js:638
throw err;
^
Error: Cannot find module 'express'
at Function.Module._resolveFilename (internal/modules/cjs/loader.js:636:15)
at Function.Module._load (internal/modules/cjs/loader.js:562:25)
at Module.require (internal/modules/cjs/loader.js:692:17)
at require (internal/modules/cjs/helpers.js:25:18)
at Object.<anonymous> (/opt/elastalert/src/elastalert_server.js:1:1)
at Module._compile (internal/modules/cjs/loader.js:778:30)
at loader (/opt/elastalert/node_modules/babel-register/lib/node.js:144:5)
at Object.require.extensions.(anonymous function) [as .js] (/opt/elastalert/node_modules/babel-register/lib/node.js:154:7)
at Module.load (internal/modules/cjs/loader.js:653:32)
at tryModuleLoad (internal/modules/cjs/loader.js:593:12)
[root@tmplogsvr elastalert]# npm install express
npm WARN @babel/register@7.21.0 requires a peer of @babel/core@^7.0.0-0 but none is installed. You must install peer dependencies yourself.
+ express@4.18.2
added 54 packages from 40 contributors and audited 190 packages in 1.574s
10 packages are looking for funding
run `npm fund` for details
found 1 high severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details
[root@tmplogsvr elastalert]# npm start
> @bitsensor/elastalert@3.0.0-beta.0 start /opt/elastalert
> sh ./scripts/start.sh
internal/modules/cjs/loader.js:638
throw err;
^
Error: Cannot find module 'body-parser'
at Function.Module._resolveFilename (internal/modules/cjs/loader.js:636:15)
at Function.Module._load (internal/modules/cjs/loader.js:562:25)
at Module.require (internal/modules/cjs/loader.js:692:17)
at require (internal/modules/cjs/helpers.js:25:18)
at Object.<anonymous> (/opt/elastalert/src/elastalert_server.js:2:1)
at Module._compile (internal/modules/cjs/loader.js:778:30)
at loader (/opt/elastalert/node_modules/babel-register/lib/node.js:144:5)
at Object.require.extensions.(anonymous function) [as .js] (/opt/elastalert/node_modules/babel-register/lib/node.js:154:7)
at Module.load (internal/modules/cjs/loader.js:653:32)
at tryModuleLoad (internal/modules/cjs/loader.js:593:12)
[root@tmplogsvr elastalert]# npm install body-parser
npm WARN @babel/register@7.21.0 requires a peer of @babel/core@^7.0.0-0 but none is installed. You must install peer dependencies yourself.
+ body-parser@1.20.2
added 2 packages from 3 contributors and audited 192 packages in 0.82s
10 packages are looking for funding
run `npm fund` for details
found 1 high severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details
[root@tmplogsvr elastalert]# npm start
> @bitsensor/elastalert@3.0.0-beta.0 start /opt/elastalert
> sh ./scripts/start.sh
internal/modules/cjs/loader.js:638
throw err;
^
Error: Cannot find module 'joi'
at Function.Module._resolveFilename (internal/modules/cjs/loader.js:636:15)
at Function.Module._load (internal/modules/cjs/loader.js:562:25)
at Module.require (internal/modules/cjs/loader.js:692:17)
at require (internal/modules/cjs/helpers.js:25:18)
at Object.<anonymous> (/opt/elastalert/src/common/config/server_config.js:1:1)
at Module._compile (internal/modules/cjs/loader.js:778:30)
at loader (/opt/elastalert/node_modules/babel-register/lib/node.js:144:5)
at Object.require.extensions.(anonymous function) [as .js] (/opt/elastalert/node_modules/babel-register/lib/node.js:154:7)
at Module.load (internal/modules/cjs/loader.js:653:32)
at tryModuleLoad (internal/modules/cjs/loader.js:593:12)
[root@tmplogsvr elastalert]# npm install joi
npm WARN deprecated joi@13.7.0: This version has been deprecated in accordance with the hapi support policy (hapi.im/support). Please upgrade to the latest version to get the best features, bug fixes, and security patches. If you are unable to upgrade at this time, paid support is available for older versions (hapi.im/commercial).
npm WARN deprecated topo@3.0.3: This module has moved and is now available at @hapi/topo. Please update your dependencies as this version is no longer maintained an may contain bugs and security issues.
npm WARN deprecated hoek@5.0.4: This version has been deprecated in accordance with the hapi support policy (hapi.im/support). Please upgrade to the latest version to get the best features, bug fixes, and security patches. If you are unable to upgrade at this time, paid support is available for older versions (hapi.im/commercial).
npm WARN deprecated hoek@6.1.3: This module has moved and is now available at @hapi/hoek. Please update your dependencies as this version is no longer maintained an may contain bugs and security issues.
npm WARN @babel/register@7.21.0 requires a peer of @babel/core@^7.0.0-0 but none is installed. You must install peer dependencies yourself.
+ joi@13.7.0
added 6 packages from 1 contributor and audited 198 packages in 0.992s
10 packages are looking for funding
run `npm fund` for details
found 1 high severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details
[root@tmplogsvr elastalert]# npm start
> @bitsensor/elastalert@3.0.0-beta.0 start /opt/elastalert
> sh ./scripts/start.sh
internal/modules/cjs/loader.js:638
throw err;
^
Error: Cannot find module 'object-resolve-path'
at Function.Module._resolveFilename (internal/modules/cjs/loader.js:636:15)
at Function.Module._load (internal/modules/cjs/loader.js:562:25)
at Module.require (internal/modules/cjs/loader.js:692:17)
at require (internal/modules/cjs/helpers.js:25:18)
at Object.<anonymous> (/opt/elastalert/src/common/config/server_config.js:5:1)
at Module._compile (internal/modules/cjs/loader.js:778:30)
at loader (/opt/elastalert/node_modules/babel-register/lib/node.js:144:5)
at Object.require.extensions.(anonymous function) [as .js] (/opt/elastalert/node_modules/babel-register/lib/node.js:154:7)
at Module.load (internal/modules/cjs/loader.js:653:32)
at tryModuleLoad (internal/modules/cjs/loader.js:593:12)
[root@tmplogsvr elastalert]# npm install object-resolve-path
npm WARN @babel/register@7.21.0 requires a peer of @babel/core@^7.0.0-0 but none is installed. You must install peer dependencies yourself.
+ object-resolve-path@1.1.1
added 1 package from 1 contributor and audited 199 packages in 1.433s
10 packages are looking for funding
run `npm fund` for details
found 1 high severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details
[root@tmplogsvr elastalert]# npm start
> @bitsensor/elastalert@3.0.0-beta.0 start /opt/elastalert
> sh ./scripts/start.sh
internal/modules/cjs/loader.js:638
throw err;
^
Error: Cannot find module 'mkdirp'
at Function.Module._resolveFilename (internal/modules/cjs/loader.js:636:15)
at Function.Module._load (internal/modules/cjs/loader.js:562:25)
at Module.require (internal/modules/cjs/loader.js:692:17)
at require (internal/modules/cjs/helpers.js:25:18)
at Object.<anonymous> (/opt/elastalert/src/common/file_system.js:3:1)
at Module._compile (internal/modules/cjs/loader.js:778:30)
at loader (/opt/elastalert/node_modules/babel-register/lib/node.js:144:5)
at Object.require.extensions.(anonymous function) [as .js] (/opt/elastalert/node_modules/babel-register/lib/node.js:154:7)
at Module.load (internal/modules/cjs/loader.js:653:32)
at tryModuleLoad (internal/modules/cjs/loader.js:593:12)
[root@tmplogsvr elastalert]# npm install mkdirp
npm WARN @babel/register@7.21.0 requires a peer of @babel/core@^7.0.0-0 but none is installed. You must install peer dependencies yourself.
+ mkdirp@0.5.6
added 1 package from 1 contributor and audited 200 packages in 0.821s
10 packages are looking for funding
run `npm fund` for details
found 1 high severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details
[root@tmplogsvr elastalert]# npm start
> @bitsensor/elastalert@3.0.0-beta.0 start /opt/elastalert
> sh ./scripts/start.sh
internal/modules/cjs/loader.js:638
throw err;
^
Error: Cannot find module 'ws'
at Function.Module._resolveFilename (internal/modules/cjs/loader.js:636:15)
at Function.Module._load (internal/modules/cjs/loader.js:562:25)
at Module.require (internal/modules/cjs/loader.js:692:17)
at require (internal/modules/cjs/helpers.js:25:18)
at Object.<anonymous> (/opt/elastalert/src/common/websocket.js:1:1)
at Module._compile (internal/modules/cjs/loader.js:778:30)
at loader (/opt/elastalert/node_modules/babel-register/lib/node.js:144:5)
at Object.require.extensions.(anonymous function) [as .js] (/opt/elastalert/node_modules/babel-register/lib/node.js:154:7)
at Module.load (internal/modules/cjs/loader.js:653:32)
at tryModuleLoad (internal/modules/cjs/loader.js:593:12)
[root@tmplogsvr elastalert]# npm install ws
npm WARN @babel/register@7.21.0 requires a peer of @babel/core@^7.0.0-0 but none is installed. You must install peer dependencies yourself.
+ ws@6.2.2
added 2 packages from 2 contributors and audited 202 packages in 0.873s
10 packages are looking for funding
run `npm fund` for details
found 1 high severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details
[root@tmplogsvr elastalert]# npm start
> @bitsensor/elastalert@3.0.0-beta.0 start /opt/elastalert
> sh ./scripts/start.sh
internal/modules/cjs/loader.js:638
throw err;
^
Error: Cannot find module 'lodash'
at Function.Module._resolveFilename (internal/modules/cjs/loader.js:636:15)
at Function.Module._load (internal/modules/cjs/loader.js:562:25)
at Module.require (internal/modules/cjs/loader.js:692:17)
at require (internal/modules/cjs/helpers.js:25:18)
at Object.<anonymous> (/opt/elastalert/src/routes/route_setup.js:1:1)
at Module._compile (internal/modules/cjs/loader.js:778:30)
at loader (/opt/elastalert/node_modules/babel-register/lib/node.js:144:5)
at Object.require.extensions.(anonymous function) [as .js] (/opt/elastalert/node_modules/babel-register/lib/node.js:154:7)
at Module.load (internal/modules/cjs/loader.js:653:32)
at tryModuleLoad (internal/modules/cjs/loader.js:593:12)
[root@tmplogsvr elastalert]# npm install lodash
npm WARN @babel/register@7.21.0 requires a peer of @babel/core@^7.0.0-0 but none is installed. You must install peer dependencies yourself.
+ lodash@4.17.21
added 1 package from 2 contributors and audited 203 packages in 0.815s
10 packages are looking for funding
run `npm fund` for details
found 1 high severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details
[root@tmplogsvr elastalert]# npm start
> @bitsensor/elastalert@3.0.0-beta.0 start /opt/elastalert
> sh ./scripts/start.sh
internal/modules/cjs/loader.js:638
throw err;
^
Error: Cannot find module 'elasticsearch'
at Function.Module._resolveFilename (internal/modules/cjs/loader.js:636:15)
at Function.Module._load (internal/modules/cjs/loader.js:562:25)
at Module.require (internal/modules/cjs/loader.js:692:17)
at require (internal/modules/cjs/helpers.js:25:18)
at Object.<anonymous> (/opt/elastalert/src/common/elasticsearch_client.js:1:1)
at Module._compile (internal/modules/cjs/loader.js:778:30)
at loader (/opt/elastalert/node_modules/babel-register/lib/node.js:144:5)
at Object.require.extensions.(anonymous function) [as .js] (/opt/elastalert/node_modules/babel-register/lib/node.js:154:7)
at Module.load (internal/modules/cjs/loader.js:653:32)
at tryModuleLoad (internal/modules/cjs/loader.js:593:12)
[root@tmplogsvr elastalert]# npm install elasticsearch
npm WARN deprecated elasticsearch@15.5.0: Package no longer supported. Contact Support at https://www.npmjs.com/support for more info.
npm WARN @babel/register@7.21.0 requires a peer of @babel/core@^7.0.0-0 but none is installed. You must install peer dependencies yourself.
+ elasticsearch@15.5.0
added 3 packages from 3 contributors and audited 207 packages in 0.943s
10 packages are looking for funding
run `npm fund` for details
found 1 high severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details
[root@tmplogsvr elastalert]# npm start
> @bitsensor/elastalert@3.0.0-beta.0 start /opt/elastalert
> sh ./scripts/start.sh
internal/modules/cjs/loader.js:638
throw err;
^
Error: Cannot find module 'tar'
at Function.Module._resolveFilename (internal/modules/cjs/loader.js:636:15)
at Function.Module._load (internal/modules/cjs/loader.js:562:25)
at Module.require (internal/modules/cjs/loader.js:692:17)
at require (internal/modules/cjs/helpers.js:25:18)
at Object.<anonymous> (/opt/elastalert/src/controllers/rules/index.js:3:1)
at Module._compile (internal/modules/cjs/loader.js:778:30)
at loader (/opt/elastalert/node_modules/babel-register/lib/node.js:144:5)
at Object.require.extensions.(anonymous function) [as .js] (/opt/elastalert/node_modules/babel-register/lib/node.js:154:7)
at Module.load (internal/modules/cjs/loader.js:653:32)
at tryModuleLoad (internal/modules/cjs/loader.js:593:12)
[root@tmplogsvr elastalert]# npm install tar
npm WARN @babel/register@7.21.0 requires a peer of @babel/core@^7.0.0-0 but none is installed. You must install peer dependencies yourself.
+ tar@4.4.19
added 6 packages from 1 contributor and audited 213 packages in 1.447s
10 packages are looking for funding
run `npm fund` for details
found 1 high severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details
[root@tmplogsvr elastalert]# npm start
> @bitsensor/elastalert@3.0.0-beta.0 start /opt/elastalert
> sh ./scripts/start.sh
internal/modules/cjs/loader.js:638
throw err;
^
Error: Cannot find module 'fs-extra'
at Function.Module._resolveFilename (internal/modules/cjs/loader.js:636:15)
at Function.Module._load (internal/modules/cjs/loader.js:562:25)
at Module.require (internal/modules/cjs/loader.js:692:17)
at require (internal/modules/cjs/helpers.js:25:18)
at Object.<anonymous> (/opt/elastalert/src/controllers/rules/index.js:4:1)
at Module._compile (internal/modules/cjs/loader.js:778:30)
at loader (/opt/elastalert/node_modules/babel-register/lib/node.js:144:5)
at Object.require.extensions.(anonymous function) [as .js] (/opt/elastalert/node_modules/babel-register/lib/node.js:154:7)
at Module.load (internal/modules/cjs/loader.js:653:32)
at tryModuleLoad (internal/modules/cjs/loader.js:593:12)
[root@tmplogsvr elastalert]# npm install fs-extra
npm WARN @babel/register@7.21.0 requires a peer of @babel/core@^7.0.0-0 but none is installed. You must install peer dependencies yourself.
+ fs-extra@5.0.0
added 4 packages from 2 contributors and audited 217 packages in 0.975s
10 packages are looking for funding
run `npm fund` for details
found 1 high severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details
[root@tmplogsvr elastalert]# npm start
> @bitsensor/elastalert@3.0.0-beta.0 start /opt/elastalert
> sh ./scripts/start.sh
internal/modules/cjs/loader.js:638
throw err;
^
Error: Cannot find module 'request-promise-native'
at Function.Module._resolveFilename (internal/modules/cjs/loader.js:636:15)
at Function.Module._load (internal/modules/cjs/loader.js:562:25)
at Module.require (internal/modules/cjs/loader.js:692:17)
at require (internal/modules/cjs/helpers.js:25:18)
at Object.<anonymous> (/opt/elastalert/src/controllers/rules/index.js:5:1)
at Module._compile (internal/modules/cjs/loader.js:778:30)
at loader (/opt/elastalert/node_modules/babel-register/lib/node.js:144:5)
at Object.require.extensions.(anonymous function) [as .js] (/opt/elastalert/node_modules/babel-register/lib/node.js:154:7)
at Module.load (internal/modules/cjs/loader.js:653:32)
at tryModuleLoad (internal/modules/cjs/loader.js:593:12)
[root@tmplogsvr elastalert]# npm install request-promise-native
npm WARN deprecated request-promise-native@1.0.9: request-promise-native has been deprecated because it extends the now deprecated request package, see https://github.com/request/request/issues/3142
npm WARN @babel/register@7.21.0 requires a peer of @babel/core@^7.0.0-0 but none is installed. You must install peer dependencies yourself.
npm WARN request-promise-native@1.0.9 requires a peer of request@^2.34 but none is installed. You must install peer dependencies yourself.
npm WARN request-promise-core@1.1.4 requires a peer of request@^2.34 but none is installed. You must install peer dependencies yourself.
+ request-promise-native@1.0.9
added 5 packages from 9 contributors and audited 222 packages in 0.974s
10 packages are looking for funding
run `npm fund` for details
found 1 high severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details
[root@tmplogsvr elastalert]# npm start
> @bitsensor/elastalert@3.0.0-beta.0 start /opt/elastalert
> sh ./scripts/start.sh
internal/modules/cjs/loader.js:638
throw err;
^
Error: Cannot find module 'request'
at Function.Module._resolveFilename (internal/modules/cjs/loader.js:636:15)
at Function.Module._load (internal/modules/cjs/loader.js:562:25)
at Module.require (internal/modules/cjs/loader.js:692:17)
at require (internal/modules/cjs/helpers.js:25:18)
at /opt/elastalert/node_modules/request-promise-native/lib/rp.js:8:12
at module.exports (/opt/elastalert/node_modules/stealthy-require/lib/index.js:62:23)
at Object.<anonymous> (/opt/elastalert/node_modules/request-promise-native/lib/rp.js:7:15)
at Module._compile (internal/modules/cjs/loader.js:778:30)
at Module._extensions..js (internal/modules/cjs/loader.js:789:10)
at Object.require.extensions.(anonymous function) [as .js] (/opt/elastalert/node_modules/babel-register/lib/node.js:152:7)
[root@tmplogsvr elastalert]# npm install request
npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated har-validator@5.1.5: this library is no longer supported
npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
npm WARN @babel/register@7.21.0 requires a peer of @babel/core@^7.0.0-0 but none is installed. You must install peer dependencies yourself.
+ request@2.88.2
added 40 packages from 43 contributors and audited 262 packages in 1.55s
11 packages are looking for funding
run `npm fund` for details
found 1 high severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details
[root@tmplogsvr elastalert]# npm start
> @bitsensor/elastalert@3.0.0-beta.0 start /opt/elastalert
> sh ./scripts/start.sh
internal/modules/cjs/loader.js:638
throw err;
^
Error: Cannot find module 'randomstring'
at Function.Module._resolveFilename (internal/modules/cjs/loader.js:636:15)
at Function.Module._load (internal/modules/cjs/loader.js:562:25)
at Module.require (internal/modules/cjs/loader.js:692:17)
at require (internal/modules/cjs/helpers.js:25:18)
at Object.<anonymous> (/opt/elastalert/src/controllers/test/index.js:5:1)
at Module._compile (internal/modules/cjs/loader.js:778:30)
at loader (/opt/elastalert/node_modules/babel-register/lib/node.js:144:5)
at Object.require.extensions.(anonymous function) [as .js] (/opt/elastalert/node_modules/babel-register/lib/node.js:154:7)
at Module.load (internal/modules/cjs/loader.js:653:32)
at tryModuleLoad (internal/modules/cjs/loader.js:593:12)
[root@tmplogsvr elastalert]# npm install randomstring
npm WARN @babel/register@7.21.0 requires a peer of @babel/core@^7.0.0-0 but none is installed. You must install peer dependencies yourself.
+ randomstring@1.2.3
added 3 packages from 2 contributors and audited 265 packages in 1.026s
11 packages are looking for funding
run `npm fund` for details
found 1 high severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details
[root@tmplogsvr elastalert]# npm start
> @bitsensor/elastalert@3.0.0-beta.0 start /opt/elastalert
> sh ./scripts/start.sh
internal/modules/cjs/loader.js:638
throw err;
^
Error: Cannot find module 'cors'
at Function.Module._resolveFilename (internal/modules/cjs/loader.js:636:15)
at Function.Module._load (internal/modules/cjs/loader.js:562:25)
at Module.require (internal/modules/cjs/loader.js:692:17)
at require (internal/modules/cjs/helpers.js:25:18)
at Object.<anonymous> (/opt/elastalert/src/elastalert_server.js:13:1)
at Module._compile (internal/modules/cjs/loader.js:778:30)
at loader (/opt/elastalert/node_modules/babel-register/lib/node.js:144:5)
at Object.require.extensions.(anonymous function) [as .js] (/opt/elastalert/node_modules/babel-register/lib/node.js:154:7)
at Module.load (internal/modules/cjs/loader.js:653:32)
at tryModuleLoad (internal/modules/cjs/loader.js:593:12)
[root@tmplogsvr elastalert]# npm install cors
npm WARN @babel/register@7.21.0 requires a peer of @babel/core@^7.0.0-0 but none is installed. You must install peer dependencies yourself.
+ cors@2.8.5
added 2 packages from 2 contributors and audited 267 packages in 1.027s
11 packages are looking for funding
run `npm fund` for details
found 1 high severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details
[root@tmplogsvr elastalert]#
npm run error 3 and fix
[root@tmplogsvr elastalert]# npm start
> @bitsensor/elastalert@3.0.0-beta.0 start /opt/elastalert
> sh ./scripts/start.sh
03:04:12.912Z INFO elastalert-server: Config: No config.dev.json file was found in /opt/elastalert/config/config.dev.json.
03:04:12.913Z INFO elastalert-server: Config: Proceeding to look for normal config file.
03:04:12.913Z INFO elastalert-server: Config: A config file was found in /opt/elastalert/config/config.json. Using that config.
03:04:12.919Z INFO elastalert-server: Router: Listening for GET request on /.
03:04:12.919Z INFO elastalert-server: Router: Listening for GET request on /status.
03:04:12.919Z INFO elastalert-server: Router: Listening for GET request on /status/control/:action.
03:04:12.919Z INFO elastalert-server: Router: Listening for GET request on /status/errors.
03:04:12.919Z INFO elastalert-server: Router: Listening for GET request on /rules.
03:04:12.920Z INFO elastalert-server: Router: Listening for GET request on /rules/:id.
03:04:12.920Z INFO elastalert-server: Router: Listening for POST request on /rules/:id.
03:04:12.920Z INFO elastalert-server: Router: Listening for DELETE request on /rules/:id.
03:04:12.920Z INFO elastalert-server: Router: Listening for GET request on /templates.
03:04:12.920Z INFO elastalert-server: Router: Listening for GET request on /templates/:id.
03:04:12.920Z INFO elastalert-server: Router: Listening for POST request on /templates/:id.
03:04:12.920Z INFO elastalert-server: Router: Listening for DELETE request on /templates/:id.
03:04:12.921Z INFO elastalert-server: Router: Listening for POST request on /test.
03:04:12.921Z INFO elastalert-server: Router: Listening for GET request on /config.
03:04:12.921Z INFO elastalert-server: Router: Listening for POST request on /config.
03:04:12.921Z INFO elastalert-server: Router: Listening for POST request on /download.
03:04:12.921Z INFO elastalert-server: Router: Listening for GET request on /metadata/:type.
03:04:12.921Z INFO elastalert-server: Router: Listening for GET request on /mapping/:index.
03:04:12.921Z INFO elastalert-server: Router: Listening for POST request on /search/:index.
03:04:12.923Z INFO elastalert-server: ProcessController: Starting ElastAlert
03:04:12.923Z INFO elastalert-server: ProcessController: Creating index
03:04:13.089Z ERROR elastalert-server:
ProcessController: Traceback (most recent call last):
File "/usr/lib64/python3.6/runpy.py", line 183, in _run_module_as_main
mod_name, mod_spec, code = _get_module_details(mod_name, _Error)
File "/usr/lib64/python3.6/runpy.py", line 109, in _get_module_details
__import__(pkg_name)
File "/usr/local/lib/python3.6/site-packages/elastalert/__init__.py", line 6, in <module>
from elasticsearch import RequestsHttpConnection
ImportError: cannot import name 'RequestsHttpConnection'
03:04:13.089Z ERROR elastalert-server: ProcessController: Index create exited with code 1
03:04:13.089Z WARN elastalert-server: ProcessController: ElastAlert will start but might not be able to save its data!
03:04:13.089Z INFO elastalert-server: ProcessController: Starting elastalert with arguments [none]
03:04:13.093Z INFO elastalert-server: ProcessController: Started Elastalert (PID: 71989)
03:04:13.093Z INFO elastalert-server: Server: Server listening on port 3030
03:04:13.094Z INFO elastalert-server: Server: Websocket listening on port 3333
03:04:13.094Z INFO elastalert-server: Server: Server started
03:04:13.240Z ERROR elastalert-server:
ProcessController: Traceback (most recent call last):
File "/usr/lib64/python3.6/runpy.py", line 183, in _run_module_as_main
mod_name, mod_spec, code = _get_module_details(mod_name, _Error)
File "/usr/lib64/python3.6/runpy.py", line 109, in _get_module_details
__import__(pkg_name)
File "/usr/local/lib/python3.6/site-packages/elastalert/__init__.py", line 6, in <module>
from elasticsearch import RequestsHttpConnection
ImportError: cannot import name 'RequestsHttpConnection'
03:04:13.255Z ERROR elastalert-server: ProcessController: ElastAlert exited with code 1
03:04:13.255Z INFO elastalert-server: Server: Stopping server
03:04:13.255Z INFO elastalert-server: ProcessController: ElastAlert is not running
03:04:13.256Z INFO elastalert-server: Server: Server stopped. Bye!
[root@tmplogsvr elastalert]# python -m pip install --upgrade 'elasticsearch>=7.16,<8'
Collecting elasticsearch<8,>=7.16
Downloading elasticsearch-7.17.9-py2.py3-none-any.whl (385 kB)
|████████████████████████████████| 385 kB 40.4 MB/s
Requirement already satisfied: urllib3<2,>=1.21.1 in /usr/local/lib/python3.6/site-packages (from elasticsearch<8,>=7.16) (1.26.15)
Requirement already satisfied: certifi in /usr/local/lib/python3.6/site-packages (from elasticsearch<8,>=7.16) (2022.12.7)
Installing collected packages: elasticsearch
Attempting uninstall: elasticsearch
Found existing installation: elasticsearch 8.6.2
Uninstalling elasticsearch-8.6.2:
Successfully uninstalled elasticsearch-8.6.2
ERROR: pip's dependency resolver does not currently take into account all the packages that are installed. This behaviour is the source of the following dependency conflicts.
elastalert 0.2.4 requires elasticsearch==7.0.0, but you have elasticsearch 7.17.9 which is incompatible.
Successfully installed elasticsearch-7.17.9
WARNING: Running pip as the 'root' user can result in broken permissions and conflicting behaviour with the system package manager. It is recommended to use a virtual environment instead: https://pip.pypa.io/warnings/venv
[root@tmplogsvr elastalert]#
npm run error 4 and fix
[root@tmplogsvr elastalert]# npm start
> @bitsensor/elastalert@3.0.0-beta.0 start /opt/elastalert
> sh ./scripts/start.sh
03:16:12.392Z INFO elastalert-server: Config: No config.dev.json file was found in /opt/elastalert/config/config.dev.json.
03:16:12.393Z INFO elastalert-server: Config: Proceeding to look for normal config file.
03:16:12.393Z INFO elastalert-server: Config: A config file was found in /opt/elastalert/config/config.json. Using that config.
03:16:12.399Z INFO elastalert-server: Router: Listening for GET request on /.
03:16:12.399Z INFO elastalert-server: Router: Listening for GET request on /status.
03:16:12.399Z INFO elastalert-server: Router: Listening for GET request on /status/control/:action.
03:16:12.399Z INFO elastalert-server: Router: Listening for GET request on /status/errors.
03:16:12.399Z INFO elastalert-server: Router: Listening for GET request on /rules.
03:16:12.400Z INFO elastalert-server: Router: Listening for GET request on /rules/:id.
03:16:12.400Z INFO elastalert-server: Router: Listening for POST request on /rules/:id.
03:16:12.400Z INFO elastalert-server: Router: Listening for DELETE request on /rules/:id.
03:16:12.400Z INFO elastalert-server: Router: Listening for GET request on /templates.
03:16:12.400Z INFO elastalert-server: Router: Listening for GET request on /templates/:id.
03:16:12.400Z INFO elastalert-server: Router: Listening for POST request on /templates/:id.
03:16:12.400Z INFO elastalert-server: Router: Listening for DELETE request on /templates/:id.
03:16:12.400Z INFO elastalert-server: Router: Listening for POST request on /test.
03:16:12.400Z INFO elastalert-server: Router: Listening for GET request on /config.
03:16:12.400Z INFO elastalert-server: Router: Listening for POST request on /config.
03:16:12.400Z INFO elastalert-server: Router: Listening for POST request on /download.
03:16:12.400Z INFO elastalert-server: Router: Listening for GET request on /metadata/:type.
03:16:12.400Z INFO elastalert-server: Router: Listening for GET request on /mapping/:index.
03:16:12.400Z INFO elastalert-server: Router: Listening for POST request on /search/:index.
03:16:12.403Z INFO elastalert-server: ProcessController: Starting ElastAlert
03:16:12.403Z INFO elastalert-server: ProcessController: Creating index
03:16:12.587Z INFO elastalert-server: ProcessController: Enter Elasticsearch host:
03:16:12.587Z ERROR elastalert-server:
ProcessController: Traceback (most recent call last):
File "/usr/lib64/python3.6/runpy.py", line 193, in _run_module_as_main
"__main__", mod_spec)
File "/usr/lib64/python3.6/runpy.py", line 85, in _run_code
exec(code, run_globals)
File "/usr/local/lib/python3.6/site-packages/elastalert/create_index.py", line 268, in <module>
main()
File "/usr/local/lib/python3.6/site-packages/elastalert/create_index.py", line 215, in main
host = args.host if args.host else input('Enter Elasticsearch host: ')
EOFError: EOF when reading a line
03:16:12.587Z ERROR elastalert-server: ProcessController: Index create exited with code 1
03:16:12.587Z WARN elastalert-server: ProcessController: ElastAlert will start but might not be able to save its data!
03:16:12.587Z INFO elastalert-server: ProcessController: Starting elastalert with arguments [none]
03:16:12.591Z INFO elastalert-server: ProcessController: Started Elastalert (PID: 72288)
03:16:12.592Z INFO elastalert-server: Server: Server listening on port 3030
03:16:12.592Z INFO elastalert-server: Server: Websocket listening on port 3333
03:16:12.592Z INFO elastalert-server: Server: Server started
03:16:12.883Z ERROR elastalert-server:
ProcessController: Traceback (most recent call last):
File "/usr/lib64/python3.6/runpy.py", line 193, in _run_module_as_main
"__main__", mod_spec)
File "/usr/lib64/python3.6/runpy.py", line 85, in _run_code
exec(code, run_globals)
File "/usr/local/lib/python3.6/site-packages/elastalert/elastalert.py", line 2055, in <module>
sys.exit(main(sys.argv[1:]))
File "/usr/local/lib/python3.6/site-packages/elastalert/elastalert.py", line 2049, in main
client = ElastAlerter(args)
File "/usr/local/lib/python3.6/site-packages/elastalert/elastalert.py", line 138, in __init__
self.conf = load_conf(self.args)
File "/usr/local/lib/python3.6/site-packages/elastalert/config.py", line 45, in load_conf
conf = yaml_loader(filename)
File "/usr/local/lib/python3.6/site-packages/staticconf/loader.py", line 177, in yaml_loader
with open(filename) as fh:
FileNotFoundError: [Errno 2] No such file or directory: 'config.yaml'
03:16:12.916Z ERROR elastalert-server: ProcessController: ElastAlert exited with code 1
03:16:12.916Z INFO elastalert-server: Server: Stopping server
03:16:12.916Z INFO elastalert-server: ProcessController: ElastAlert is not running
03:16:12.917Z INFO elastalert-server: Server: Server stopped. Bye!
[root@tmplogsvr elastalert]#
[root@tmplogsvr elastalert]# echo \
'rules_folder: rules # folder name
run_every: # how often to query elasticsearch
  minutes: 1
buffer_time: # size of the query window, extending back from the time each query runs
  minutes: 15
es_host: 192.168.0.17 # elasticsearch host
es_port: 9200 # port used by elasticsearch
writeback_index: elastalert_status # index where elastalert2 stores its data
alert_time_limit: # retry window for failed alerts
  days: 2' > config.yaml
[root@tmplogsvr elastalert]#
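Both tracebacks above come from starting the server in a directory that has no config.yaml. As an added example (not from the original post or the elastalert project), here is a preflight check to run before `npm start`. The function name and the list of required keys are assumptions taken from the config.yaml written above.

```shell
#!/bin/sh
# Added example: preflight check for the config.yaml that elastalert loads
# from the current directory. Key list is an assumption based on this page.
# Usage: check_elastalert_config ./config.yaml && npm start

check_elastalert_config() {
    cfg="${1:-config.yaml}"
    problems=0

    # The log above ends in FileNotFoundError when this file is absent.
    if [ ! -f "$cfg" ]; then
        echo "missing: $cfg" >&2
        return 1
    fi

    # Top-level keys that must carry a value on the same line.
    for key in rules_folder es_host es_port writeback_index; do
        if ! grep -Eq "^${key}:[[:space:]]*[^[:space:]#]" "$cfg"; then
            echo "missing or empty key: $key" >&2
            problems=$((problems + 1))
        fi
    done

    # Mapping keys: the next non-blank, non-comment line must be an
    # indented "<unit>: <number>" entry, otherwise the YAML nesting is lost.
    for key in run_every buffer_time alert_time_limit; do
        if ! awk -v k="$key" '
            $0 ~ "^" k ":"      { want = 1; next }
            want && /^[ \t]*(#|$)/ { next }
            want { if ($0 ~ /^[ \t]+[a-z_]+:[ \t]*[0-9]+/) ok = 1; want = 0 }
            END  { exit ok ? 0 : 1 }
        ' "$cfg"; then
            echo "key $key has no indented time unit below it" >&2
            problems=$((problems + 1))
        fi
    done

    # Exit status is the number of problems found (0 means ready to start).
    return "$problems"
}
```

The function returns 0 only when the file exists, the four scalar keys have values, and each time-window key is followed by an indented unit line.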