{"id":13615502,"url":"https://github.com/cloudflare/alertmanager2es","last_synced_at":"2025-04-09T06:10:21.741Z","repository":{"id":41271494,"uuid":"88166688","full_name":"cloudflare/alertmanager2es","owner":"cloudflare","description":"Receives HTTP webhook notifications from AlertManager and inserts them into an Elasticsearch index for searching and analysis","archived":false,"fork":false,"pushed_at":"2024-09-25T04:25:03.000Z","size":2277,"stargazers_count":247,"open_issues_count":9,"forks_count":40,"subscribers_count":12,"default_branch":"master","last_synced_at":"2025-04-02T04:06:13.007Z","etag":null,"topics":["alerting","alertmanager","analytics","elasticsearch","monitoring","prometheus"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cloudflare.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-04-13T13:17:34.000Z","updated_at":"2025-02-24T08:38:11.000Z","dependencies_parsed_at":"2024-01-17T00:18:53.136Z","dependency_job_id":"6f90217b-bae7-4e30-8acb-553b76aa2e1d","html_url":"https://github.com/cloudflare/alertmanager2es","commit_stats":null,"previous_names":[],"tags_count":5,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cloudflare%2Falertmanager2es","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cloudflare%2Falertmanager2es/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cloudflare%2Falertmanager2es/releases","manifests_u
rl":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cloudflare%2Falertmanager2es/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cloudflare","download_url":"https://codeload.github.com/cloudflare/alertmanager2es/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247987285,"owners_count":21028895,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["alerting","alertmanager","analytics","elasticsearch","monitoring","prometheus"],"created_at":"2024-08-01T20:01:14.528Z","updated_at":"2025-04-09T06:10:21.709Z","avatar_url":"https://github.com/cloudflare.png","language":"Go","funding_links":[],"categories":["Go","Infrastructure \u0026 Operations"],"sub_categories":["Monitoring \u0026 Observability"],"readme":"# alertmanager2es\n\nalertmanager2es receives [HTTP webhook][] notifications from [AlertManager][]\nand inserts them into an [Elasticsearch][] index for searching and analysis. It\nruns as a daemon.\n\nThe alerts are stored in Elasticsearch as [alert groups][].\n\n[alert groups]: https://prometheus.io/docs/alerting/alertmanager/#grouping\n[AlertManager]: https://github.com/prometheus/alertmanager\n[Elasticsearch]: https://www.elastic.co/products/elasticsearch\n[HTTP webhook]: https://prometheus.io/docs/alerting/configuration/#webhook-receiver-\u003cwebhook_config\u003e\n\n## Rationale\n\nIt can be useful to see which alerts fired over a given time period, and\nperform historical analysis of when and where alerts fired. 
Having this data\ncan help:\n\n- tune alerting rules\n- understand the impact of an incident\n- understand which alerts fired during an incident\n\nIt might have been possible to configure Alertmanager to send the alert groups\nto Elasticsearch directly, if not for the fact that [Elasticsearch][] [does not\nsupport unsigned integers][] at the time of writing. Alertmanager uses an\nunsigned integer for the `groupKey` field, which alertmanager2es converts to a\nstring.\n\n[does not support unsigned integers]: https://github.com/elastic/elasticsearch/issues/13951\n\n## Limitations\n\n- alertmanager2es will not capture [silenced][] or [inhibited][] alerts; the alert\n  notifications stored in Elasticsearch will closely resemble the notifications\n  received by a human.\n\n[silenced]: https://prometheus.io/docs/alerting/alertmanager/#silences\n[inhibited]: https://prometheus.io/docs/alerting/alertmanager/#inhibition\n\n- Kibana does not display arrays of objects well (the alert groupings use an\n  array), so you may find some irregularities when exploring the alert data in\n  Kibana. We have not found this to be a significant limitation, and it is\n  possible to query alert labels stored within the array.\n\n## Prerequisites\n\nTo use alertmanager2es, you'll need:\n\n- an [Elasticsearch][] cluster\n- [Alertmanager][] 0.6.0 or above\n\nTo build alertmanager2es, you'll need:\n\n- [Make][]\n- [Go][] 1.7 or above\n- a working [GOPATH][]\n\n[Make]: https://www.gnu.org/software/make/\n[Go]: https://golang.org/dl/\n[GOPATH]: https://golang.org/cmd/go/#hdr-GOPATH_environment_variable\n\n## Building\n\n    go get -u github.com/cloudflare/alertmanager2es\n    cd $GOPATH/src/github.com/cloudflare/alertmanager2es\n    make\n\n## Configuration\n\n### alertmanager2es usage\n\nalertmanager2es is configured using commandline flags. 
It is assumed that\nalertmanager2es has unrestricted access to your Elasticsearch cluster.\n\nalertmanager2es does not perform any user authentication.\n\nRun `./alertmanager2es -help` to view the configurable commandline flags.\n\n### Example Alertmanager configuration\n\n#### Receiver configuration\n\n```yaml\n- name: alertmanager2es\n  webhook_configs:\n    - url: https://alertmanager2es.example.com/webhook\n```\n\n#### Route configuration\n\nBy omitting a matcher, this route will match all alerts:\n\n```yaml\n- receiver: alertmanager2es\n  continue: true\n```\n\n### Example Elasticsearch template\n\nApply this Elasticsearch template before you configure alertmanager2es to start\nsending data:\n\n```json\n{\n  \"index_patterns\": [\n    \"alertmanager-2*\"\n  ],\n  \"template\": {\n    \"settings\": {\n      \"number_of_shards\": 1,\n      \"number_of_replicas\": 1,\n      \"index.refresh_interval\": \"10s\",\n      \"index.query.default_field\": \"groupLabels.alertname\"\n    },\n    \"mappings\": {\n      \"properties\": {\n        \"@timestamp\": {\n          \"type\": \"date\",\n          \"doc_values\": true\n        }\n      },\n      \"dynamic_templates\": [\n        {\n          \"string_fields\": {\n            \"match\": \"*\",\n            \"match_mapping_type\": \"string\",\n            \"mapping\": {\n              \"type\": \"text\",\n              \"ignore_above\": 2048\n            }\n          }\n        }\n      ]\n    }\n  }\n}\n```\n\nWe rotate our index once a month, since there's not enough data to warrant\ndaily rotation in our case. Therefore our index name looks like:\n\n    alertmanager-200601\n\nWe anchor the template name with `-2` to avoid inadvertently matching other\nindices, e.g.  `alertmanager-foo-200601`. 
This of course assumes that you will\nno longer care to index your alerts in the year 3000.\n\n## Failure modes\n\nalertmanager2es will return an HTTP 500 (Internal Server Error) if it encounters\na non-2xx response from Elasticsearch. Therefore, if Elasticsearch is down,\nalertmanager2es will respond to Alertmanager with an HTTP 500. No retries are\nmade as Alertmanager has its own retry logic.\n\nBoth the HTTP server exposed by alertmanager2es and the HTTP client that\nconnects to Elasticsearch have read and write timeouts of 10 seconds.\n\n## Metrics\n\nalertmanager2es exposes [Prometheus][] metrics on `/metrics`.\n\n[Prometheus]: https://prometheus.io/\n\n## Example Elasticsearch queries\n\n    alerts.labels.alertname:\"Disk_Likely_To_Fill_Next_4_Days\"\n\n## Contributions\n\nPull requests, comments and suggestions are welcome.\n\nPlease see [CONTRIBUTING.md](CONTRIBUTING.md) for more information.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcloudflare%2Falertmanager2es","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcloudflare%2Falertmanager2es","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcloudflare%2Falertmanager2es/lists"}