ElastAlert 2 is a standalone software tool for alerting on anomalies, spikes, or other patterns of interest from data in Elasticsearch and OpenSearch.
ElastAlert 2 is backwards compatible with the original ElastAlert rules.
ElastAlert 2 is well-suited to being run as a microservice, and is available as an image on Docker Hub and on GitHub Container Registry. For more instructions on how to configure and run ElastAlert 2 using Docker, see here.
A Helm chart is also included for easy configuration as a Kubernetes deployment.
Documentation, including an FAQ, for ElastAlert 2 can be found on readthedocs.com. This is the place to start if you're not familiar with ElastAlert 2 at all.
Elasticsearch 8 support is documented in the FAQ.
The full list of platforms that ElastAlert 2 can fire alerts into can be found in the documentation.
Please see our contributing guidelines.
ElastAlert 2 is licensed under the Apache License, Version 2.0.