Exposing Rule Metrics
Configuration
Running ElastAlert with --prometheus_port configuration flag will expose ElastAlert 2 Prometheus metrics on the specified port. Prometheus metrics are disabled by default.
To expose ElastAlert rule metrics on port 9979 run the following command:
$ elastalert --config config.yaml --prometheus_port 9979
Rule Metrics
The metrics being exposed are related to the ElastAlert 2 metadata indices. The exposed metrics are in the Prometheus text-based format. Metrics are of the metric type counter or gauge and follow the Prometheus metric naming.
In the standard metric definition, the metric names are structured as follows:
elastalert_{metric}_{unit}
Where:
{metric}is a unique name of the metric. For example,hits.{unit}is the unit of measurement of the metric value. For example,totalis a counter type metric andcreatedis a gauge type metric.
All metrics except elastalert_errors_{unit} have values that apply to a particular rule name. In the exported metrics, these can be identified using the rule_name Prometheus label.
Find below all available metrics:
METRIC |
Type |
Description |
Label |
|---|---|---|---|
|
Counter, Gauge |
Number of scrapes |
|
|
Counter, Gauge |
Number of hits |
|
|
Counter, Gauge |
Number of matches |
|
|
Counter, Gauge |
Time taken in seconds |
|
|
Counter, Gauge |
Number of alerts sent |
|
|
Counter, Gauge |
Number of alerts not sent |
|
|
Counter, Gauge |
Number of silenced alerts |
|
|
Counter, Gauge |
Number of errors |