es_hosts parameter of ElastAlert2

[niek1992]

Hi,

First of all, amazing work you've done. I am currently using it for my Thesis and really like the GUI that integrates with ES as an application. I run everything in Docker, with two nodes in the Elasticsearch cluster. But i noticed something that doesn't work as expected.

I started with using es_host in elastalert2-server/config.json as a single node. However i'd like to have a bit more redundancy when the first host somehow timed out or lost network connection. For this i'd need to configure es_hosts as a parameter in config.json OR add an environment variable named ES_HOSTS that contain these values. ElastAlert2 added support Starting from ElastAlert2 2.2.3 for this parameter, and commit 8327d41b545ae3b3d2bbc6843f931ea449f3d265 to this repository added support for 2.3.0.

However, adding it as a parameter yields a "unsupported parameter es_hosts in config.json" when starting the container. The container properly starts when i enter the two nodes in the es_host parameter, but assuming it only use a single host (as that is what the docs of ElastAlert2 say).

Setting an environment variable with the key of ES_HOSTS with a value of the two nodes works, but i'd like to configure it in the ElastAlert2-server configuration. I've scrolled through the source-code a bit, but assuming there need to be an extra field called es_hosts in this and this file. If you want i can create a pull request however am limited in time as i am doing my Thesis (and are waaayy behind schedule as well).

If this is intended behaviour, then please discard this issue.

With kind Regards,

Niek

[Karql]

Hi @niek1992

Thank you for detailed issue!

I have not noticed this new parametr: es_hosts.

I will extend config model soon.

Best regards,
Mateusz

[Karql]

I have checked it more carefully.

Those files you have metioned are used by server not ElastAlert2.
For example by elasticsearch.Client: https://github.com/Karql/elastalert2-server/blob/master/src/common/elasticsearch_client.ts#L37

This client is used for query metadata, mappings etc.
Honestly I have nerver used those functions 😀

There is more work that has to be done than changing model and schema
e.g. client configuration to be simillar like in: https://github.com/jertel/elastalert2/pull/548/files#diff-df673d7477cb209f446a4cf89180d6e3b12dd492e5423f9de844e7a77e24016bR20

but as I remember there are some bugs regarding to this client.

I have this in todo: https://github.com/Karql/elastalert2-server/blob/master/TODO.md

Migrate latest fixes from https://github.com/johnsusek/elastalert-server

You have written that you want to change configuration for ElastAlert2 so this do not concern you.

You should only change elastalert.yaml

btw.

however am limited in time as i am doing my Thesis (and are waaayy behind schedule as well)

I know something about that - I finshed my thesis 10 years after college 😅
Best luck whit it!

I leave this issue open.