
Can't run elastalert-server

Open anragen opened this issue 6 years ago • 2 comments

docker run -p 3030:3030 -p 3333:3333 \
  -v `pwd`/config/elastalert.yaml:/opt/elastalert/config.yaml \
  -v `pwd`/config/elastalert-test.yaml:/opt/elastalert/config-test.yaml \
  -v `pwd`/config/config.json:/opt/elastalert-server/config/config.json \
  -v `pwd`/rules:/opt/elastalert/rules \
  -v `pwd`/rule_templates:/opt/elastalert/rule_templates \
  --net="host" --name elastalert bitsensor/elastalert:latest
WARNING: Published ports are discarded when using host network mode

@bitsensor/[email protected] start /opt/elastalert-server
sh ./scripts/start.sh

10:03:13.794Z INFO elastalert-server: Config: No config.dev.json file was found in /opt/elastalert-server/config/config.dev.json.
10:03:13.796Z INFO elastalert-server: Config: Proceeding to look for normal config file.
10:03:13.796Z INFO elastalert-server: Config: A config file was found in /opt/elastalert-server/config/config.json. Using that config.
10:03:13.804Z INFO elastalert-server: Router: Listening for GET request on /.
10:03:13.804Z INFO elastalert-server: Router: Listening for GET request on /status.
10:03:13.804Z INFO elastalert-server: Router: Listening for GET request on /status/control/:action.
10:03:13.804Z INFO elastalert-server: Router: Listening for GET request on /status/errors.
10:03:13.805Z INFO elastalert-server: Router: Listening for GET request on /rules.
10:03:13.807Z INFO elastalert-server: Router: Listening for GET request on /rules/:id.
10:03:13.807Z INFO elastalert-server: Router: Listening for POST request on /rules/:id.
10:03:13.807Z INFO elastalert-server: Router: Listening for DELETE request on /rules/:id.
10:03:13.807Z INFO elastalert-server: Router: Listening for GET request on /templates.
10:03:13.808Z INFO elastalert-server: Router: Listening for GET request on /templates/:id.
10:03:13.808Z INFO elastalert-server: Router: Listening for POST request on /templates/:id.
10:03:13.808Z INFO elastalert-server: Router: Listening for DELETE request on /templates/:id.
10:03:13.808Z INFO elastalert-server: Router: Listening for POST request on /test.
10:03:13.808Z INFO elastalert-server: Router: Listening for GET request on /config.
10:03:13.808Z INFO elastalert-server: Router: Listening for POST request on /config.
10:03:13.809Z INFO elastalert-server: Router: Listening for POST request on /download.
10:03:13.809Z INFO elastalert-server: Router: Listening for GET request on /metadata/:type.
10:03:13.809Z INFO elastalert-server: Router: Listening for GET request on /mapping/:index.
10:03:13.809Z INFO elastalert-server: Router: Listening for POST request on /search/:index.
10:03:13.814Z INFO elastalert-server: ProcessController: Starting ElastAlert
10:03:13.814Z INFO elastalert-server: ProcessController: Creating index
10:03:18.000Z INFO elastalert-server: ProcessController: Elastic Version:7
Mapping used for string:{'type': 'keyword'}

10:03:18.000Z ERROR elastalert-server: ProcessController: Traceback (most recent call last):
  File "/usr/lib/python2.7/runpy.py", line 174, in _run_module_as_main
    "__main__", fname, loader, pkg_name)
  File "/usr/lib/python2.7/runpy.py", line 72, in _run_code
    exec code in run_globals
  File "/opt/elastalert/elastalert/create_index.py", line 275, in <module>
    main()
  File "/opt/elastalert/elastalert/create_index.py", line 252, in main
    es.indices.put_mapping(index=index, doc_type='elastalert', body=es_mapping)
  File "/usr/lib/python2.7/site-packages/elasticsearch-7.0.1-py2.7.egg/elasticsearch/client/utils.py", line 84, in _wrapped
    return func(*args, params=params, **kwargs)
  File "/usr/lib/python2.7/site-packages/elasticsearch-7.0.1-py2.7.egg/elasticsearch/client/indices.py", line 339, in put_mapping
    "PUT", _make_path(index, "_mapping", doc_type), params=params, body=body
  File "/usr/lib/python2.7/site-packages/elasticsearch-7.0.1-py2.7.egg/elasticsearch/transport.py", line 353, in perform_request
    timeout=timeout,
  File "/usr/lib/python2.7/site-packages/elasticsearch-7.0.1-py2.7.egg/elasticsearch/connection/http_requests.py", line 143, in perform_request
    self._raise_error(response.status_code, raw_data)
  File "/usr/lib/python2.7/site-packages/elasticsearch-7.0.1-py2.7.egg/elasticsearch/connection/base.py", line 168, in _raise_error
    status_code, error_message, additional_info
elasticsearch.exceptions.RequestError: RequestError(400, u'illegal_argument_exception', u'Types cannot be provided in put mapping requests, unless the include_type_name parameter is set to true.')

10:03:18.000Z ERROR elastalert-server: ProcessController: Index create exited with code 1
10:03:18.001Z WARN elastalert-server: ProcessController: ElastAlert will start but might not be able to save its data!
10:03:18.001Z INFO elastalert-server: ProcessController: Starting elastalert with arguments [none]
10:03:18.010Z INFO elastalert-server: ProcessController: Started Elastalert (PID: 47)
10:03:18.011Z INFO elastalert-server: Server: Server listening on port 3030
10:03:18.012Z INFO elastalert-server: Server: Websocket listening on port 3333
10:03:18.013Z INFO elastalert-server: Server: Server started
10:03:18.649Z ERROR elastalert-server: ProcessController: Traceback (most recent call last):
  File "/usr/lib/python2.7/runpy.py", line 174, in _run_module_as_main
10:03:18.649Z ERROR elastalert-server: ProcessController: "__main__", fname, loader, pkg_name)
  File "/usr/lib/python2.7/runpy.py", line 72, in _run_code
    exec code in run_globals
  File "/opt/elastalert/elastalert/elastalert.py", line 1929, in <module>
    sys.exit(main(sys.argv[1:]))
  File "/opt/elastalert/elastalert/elastalert.py", line 1925, in main
10:03:18.650Z ERROR elastalert-server: ProcessController: client.start()
  File "/opt/elastalert/elastalert/elastalert.py", line 1106, in start
10:03:18.656Z ERROR elastalert-server: ProcessController: self.run_all_rules()
  File "/opt/elastalert/elastalert/elastalert.py", line 1158, in run_all_rules
    self.send_pending_alerts()
  File "/opt/elastalert/elastalert/elastalert.py", line 1534, in send_pending_alerts
    pending_alerts = self.find_recent_pending_alerts(self.alert_time_limit)
  File "/opt/elastalert/elastalert/elastalert.py", line 1526, in find_recent_pending_alerts
    size=1000)
  File "/usr/lib/python2.7/site-packages/elasticsearch-7.0.1-py2.7.egg/elasticsearch/client/utils.py", line 84, in _wrapped
    return func(*args, params=params, **kwargs)
TypeError: search() got an unexpected keyword argument 'doc_type'
10:03:18.686Z ERROR elastalert-server: ProcessController: ElastAlert exited with code 1
10:03:18.687Z INFO elastalert-server: Server: Stopping server
10:03:18.687Z INFO elastalert-server: ProcessController: ElastAlert is not running
10:03:18.687Z INFO elastalert-server: Server: Server stopped. Bye!

anragen, Aug 12 '19 11:08

I'm seeing the same issue trying to connect to an Elasticsearch 7.2 server. It appears that the latest versions of the base elastalert package require Python3; I was able to update the build container to use python3, but it appears that the Node project has dependencies on python2:

gyp ERR! find Python checking if "python" can be used
gyp ERR! find Python - executable path is "/usr/bin/python"
gyp ERR! find Python - version is "3.6.8"
gyp ERR! find Python - version is 3.6.8 - should be >=2.6.0 <3.0.0
gyp ERR! find Python - THIS VERSION OF PYTHON IS NOT SUPPORTED
gyp ERR! find Python checking if "python2" can be used
gyp ERR! find Python - "python2" is not in PATH or produced an error

jdeglopper, Aug 27 '19 04:08

I have an updated PR in #122 which appears to fix this.

jdeglopper, Aug 27 '19 20:08