Package: elastalert
Version: 0.1.29-1
Severity: wishlist
Dear maintainer:
Thanks a lot for packaging this for Debian, I was using this program
before and finally I can use a proper Debian package (at the small cost
of running buster, because I never managed to backport it).
The sample config.yaml has "example_rules" as the directory to read
rules, but this is a relative directory and a little bit weird if we
want to run elastalert as a daemon (which I try to do with systemd).
So I propose that we standardize such directory (in the Debian package)
to /etc/elastalert/rules, as in the attached patch, which also ensures
that both /etc/elastalert and /etc/elastalert/rules exist after
installing the package.
[ Another thing I would like to see in the package is a systemd unit, so
that the service starts automatically on boot, but I admit that this
is not trivial because there will not be a default to satisfy
everybody. ]
Thanks.
diff --git a/config.yaml.example b/config.yaml.example
index beec380..ea99296 100644
--- a/config.yaml.example
+++ b/config.yaml.example
@@ -1,6 +1,6 @@
# This is the folder that contains the rule yaml files
# Any .yaml file will be loaded as a rule
-rules_folder: example_rules
+rules_folder: /etc/elastalert/rules
# How often ElastAlert will query Elasticsearch
# The unit can be anything from weeks to seconds
diff --git a/debian/elastalert.dirs b/debian/elastalert.dirs
new file mode 100644
index 0000000..c588b93
--- /dev/null
+++ b/debian/elastalert.dirs
@@ -0,0 +1,2 @@
+/etc/elastalert
+/etc/elastalert/rules
