Conversation
- Introduced SqsAlerter class for handling alerts via AWS SQS. - Updated schema.yaml to include SQS configuration properties. - Adjusted SqsAlerter to ensure message body adheres to SQS size limits.
Add new SqsAlerter for sending alerts via AWS SQS queues, modeled after the existing SnsAlerter. Supports authentication via access key/secret or named AWS profile, and handles SQS 256 KB message size limit with automatic text truncation. - New alerter class in elastalert/alerters/sqs.py - Registered 'sqs' alert type in loaders.py - Added SQS options to schema.yaml - Added unit tests in tests/alerters/sqs_test.py Made-with: Cursor
|
The document has not been modified |
|
It is not added to the New features in CHANGELOG.md |
|
Have you run make test-docker locally and confirmed that the test is successful? |
|
Have you actually run it and confirmed that an alert notification is sent? |
I'll test it now |
|
docker test is successful but not receiving messages on real production env. no errors were logged. I'm trying to figure out |
- Documented the new AWS SQS alerter in alerts.rst, detailing its usage and configuration options. - Updated elastalert.rst to include AWS SQS in the list of supported alert types. - Enhanced the SqsAlerter implementation to infer AWS region from the SQS queue URL and adjusted message size handling. - Updated unit tests to verify new functionality, including region inference and message size limits.
prod test passed. Added region infer from queue url. Turns out sqs.send_message() doesn't actually use the region in the url. |
jertel
left a comment
jertel
left a comment
There was a problem hiding this comment.
Thanks for submitting this new feature. I left a couple of comments.
- Updated CHANGELOG to include a reference to the AWS SQS alerter pull request. - Refactored the _get_region_from_sqs_url function in sqs.py to remove unnecessary try-except block for improved error handling.
3 participants
Description
Add a new
SqsAlerterfor sending alerts via AWS SQS, modeled after the existingSnsAlerter.Changes:
SqsAlerterinelastalert/alerters/sqs.pythat sends alert data as a JSON message to an SQS queuejson.dumps(default=str)to safely serialize match data that may contain non-JSON-native types (e.g.datetimeobjects)sqsas a new alert type inloaders.pysqs_queue_url,sqs_aws_access_key_id,sqs_aws_secret_access_key,sqs_aws_region,sqs_aws_profile) toschema.yamlNew rule options:
sqs_queue_urlsqs_aws_access_key_idsqs_aws_secret_access_keysqs_aws_regionus-east-1sqs_aws_profileNo breaking changes.
Checklist
make test-dockerwith my changes.Questions or Comments
Unit tests cover:
get_info, required option validation,EAExceptionon send failure, message size truncation, and AWS profile-based session creation (6 tests, all passing).Documentation and changelog updates are pending and will be added in a follow-up or upon reviewer request.