Last active
July 9, 2019 06:23
-
-
Save dvas0004/3fd0e7c24c6d06f5095471e7b72b329b to your computer and use it in GitHub Desktop.
Apache NiFi template for elasticsearch alerting : https://blog.davidvassallo.me/2019/04/11/is-it-elastalert-no-it-is-nifi/
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8" standalone="yes"?> | |
| <template encoding-version="1.2"> | |
| <description></description> | |
| <groupId>d562c994-016b-1000-4d13-1985463f364a</groupId> | |
| <name>Alerting</name> | |
| <snippet> | |
| <connections> | |
| <id>2afde8dc-2bf8-33e4-0000-000000000000</id> | |
| <parentGroupId>308545b5-bdca-3d2b-0000-000000000000</parentGroupId> | |
| <backPressureDataSizeThreshold>1 GB</backPressureDataSizeThreshold> | |
| <backPressureObjectThreshold>10000</backPressureObjectThreshold> | |
| <destination> | |
| <groupId>308545b5-bdca-3d2b-0000-000000000000</groupId> | |
| <id>657e33f5-2d83-37d8-0000-000000000000</id> | |
| <type>PROCESSOR</type> | |
| </destination> | |
| <flowFileExpiration>0 sec</flowFileExpiration> | |
| <labelIndex>1</labelIndex> | |
| <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> | |
| <loadBalanceStatus>LOAD_BALANCE_NOT_CONFIGURED</loadBalanceStatus> | |
| <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> | |
| <name></name> | |
| <selectedRelationships>matched</selectedRelationships> | |
| <source> | |
| <groupId>308545b5-bdca-3d2b-0000-000000000000</groupId> | |
| <id>90352099-9a2b-37ad-0000-000000000000</id> | |
| <type>PROCESSOR</type> | |
| </source> | |
| <zIndex>0</zIndex> | |
| </connections> | |
| <connections> | |
| <id>7357079f-0c2c-39e0-0000-000000000000</id> | |
| <parentGroupId>308545b5-bdca-3d2b-0000-000000000000</parentGroupId> | |
| <backPressureDataSizeThreshold>1 GB</backPressureDataSizeThreshold> | |
| <backPressureObjectThreshold>10000</backPressureObjectThreshold> | |
| <destination> | |
| <groupId>308545b5-bdca-3d2b-0000-000000000000</groupId> | |
| <id>778ed3fd-8ebe-3393-0000-000000000000</id> | |
| <type>PROCESSOR</type> | |
| </destination> | |
| <flowFileExpiration>0 sec</flowFileExpiration> | |
| <labelIndex>1</labelIndex> | |
| <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> | |
| <loadBalanceStatus>LOAD_BALANCE_NOT_CONFIGURED</loadBalanceStatus> | |
| <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> | |
| <name></name> | |
| <selectedRelationships>matched</selectedRelationships> | |
| <source> | |
| <groupId>308545b5-bdca-3d2b-0000-000000000000</groupId> | |
| <id>657e33f5-2d83-37d8-0000-000000000000</id> | |
| <type>PROCESSOR</type> | |
| </source> | |
| <zIndex>0</zIndex> | |
| </connections> | |
| <connections> | |
| <id>a156504e-7897-3020-0000-000000000000</id> | |
| <parentGroupId>308545b5-bdca-3d2b-0000-000000000000</parentGroupId> | |
| <backPressureDataSizeThreshold>1 GB</backPressureDataSizeThreshold> | |
| <backPressureObjectThreshold>10000</backPressureObjectThreshold> | |
| <destination> | |
| <groupId>308545b5-bdca-3d2b-0000-000000000000</groupId> | |
| <id>3cf542d0-aaac-3bae-0000-000000000000</id> | |
| <type>PROCESSOR</type> | |
| </destination> | |
| <flowFileExpiration>0 sec</flowFileExpiration> | |
| <labelIndex>1</labelIndex> | |
| <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> | |
| <loadBalancePartitionAttribute></loadBalancePartitionAttribute> | |
| <loadBalanceStatus>LOAD_BALANCE_NOT_CONFIGURED</loadBalanceStatus> | |
| <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> | |
| <name></name> | |
| <selectedRelationships>success</selectedRelationships> | |
| <source> | |
| <groupId>308545b5-bdca-3d2b-0000-000000000000</groupId> | |
| <id>0f2c6809-92cd-3055-0000-000000000000</id> | |
| <type>PROCESSOR</type> | |
| </source> | |
| <zIndex>0</zIndex> | |
| </connections> | |
| <connections> | |
| <id>ae8dbe6b-7d05-3fb7-0000-000000000000</id> | |
| <parentGroupId>308545b5-bdca-3d2b-0000-000000000000</parentGroupId> | |
| <backPressureDataSizeThreshold>1 GB</backPressureDataSizeThreshold> | |
| <backPressureObjectThreshold>10000</backPressureObjectThreshold> | |
| <destination> | |
| <groupId>308545b5-bdca-3d2b-0000-000000000000</groupId> | |
| <id>11234735-f030-3afe-0000-000000000000</id> | |
| <type>PROCESSOR</type> | |
| </destination> | |
| <flowFileExpiration>0 sec</flowFileExpiration> | |
| <labelIndex>1</labelIndex> | |
| <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> | |
| <loadBalanceStatus>LOAD_BALANCE_NOT_CONFIGURED</loadBalanceStatus> | |
| <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> | |
| <name></name> | |
| <selectedRelationships>matched</selectedRelationships> | |
| <source> | |
| <groupId>308545b5-bdca-3d2b-0000-000000000000</groupId> | |
| <id>657e33f5-2d83-37d8-0000-000000000000</id> | |
| <type>PROCESSOR</type> | |
| </source> | |
| <zIndex>0</zIndex> | |
| </connections> | |
| <connections> | |
| <id>c35a0c56-980c-3c50-0000-000000000000</id> | |
| <parentGroupId>308545b5-bdca-3d2b-0000-000000000000</parentGroupId> | |
| <backPressureDataSizeThreshold>1 GB</backPressureDataSizeThreshold> | |
| <backPressureObjectThreshold>10000</backPressureObjectThreshold> | |
| <destination> | |
| <groupId>308545b5-bdca-3d2b-0000-000000000000</groupId> | |
| <id>90352099-9a2b-37ad-0000-000000000000</id> | |
| <type>PROCESSOR</type> | |
| </destination> | |
| <flowFileExpiration>0 sec</flowFileExpiration> | |
| <labelIndex>1</labelIndex> | |
| <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> | |
| <loadBalanceStatus>LOAD_BALANCE_NOT_CONFIGURED</loadBalanceStatus> | |
| <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> | |
| <name></name> | |
| <selectedRelationships>aggregations</selectedRelationships> | |
| <source> | |
| <groupId>308545b5-bdca-3d2b-0000-000000000000</groupId> | |
| <id>d0a5f829-f316-3fbb-0000-000000000000</id> | |
| <type>PROCESSOR</type> | |
| </source> | |
| <zIndex>0</zIndex> | |
| </connections> | |
| <controllerServices> | |
| <id>7b43a0f0-ecea-3747-0000-000000000000</id> | |
| <parentGroupId>308545b5-bdca-3d2b-0000-000000000000</parentGroupId> | |
| <bundle> | |
| <artifact>nifi-elasticsearch-client-service-nar</artifact> | |
| <group>org.apache.nifi</group> | |
| <version>1.9.2</version> | |
| </bundle> | |
| <comments></comments> | |
| <descriptors> | |
| <entry> | |
| <key>el-cs-http-hosts</key> | |
| <value> | |
| <name>el-cs-http-hosts</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>el-cs-username</key> | |
| <value> | |
| <name>el-cs-username</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>el-cs-password</key> | |
| <value> | |
| <name>el-cs-password</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>el-cs-ssl-context-service</key> | |
| <value> | |
| <identifiesControllerService>org.apache.nifi.ssl.SSLContextService</identifiesControllerService> | |
| <name>el-cs-ssl-context-service</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>el-cs-connect-timeout</key> | |
| <value> | |
| <name>el-cs-connect-timeout</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>el-cs-socket-timeout</key> | |
| <value> | |
| <name>el-cs-socket-timeout</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>el-cs-retry-timeout</key> | |
| <value> | |
| <name>el-cs-retry-timeout</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>el-cs-charset</key> | |
| <value> | |
| <name>el-cs-charset</name> | |
| </value> | |
| </entry> | |
| </descriptors> | |
| <name>ElasticSearchClientServiceImpl</name> | |
| <persistsState>false</persistsState> | |
| <properties> | |
| <entry> | |
| <key>el-cs-http-hosts</key> | |
| <value>http://localhost:9200</value> | |
| </entry> | |
| <entry> | |
| <key>el-cs-username</key> | |
| </entry> | |
| <entry> | |
| <key>el-cs-password</key> | |
| </entry> | |
| <entry> | |
| <key>el-cs-ssl-context-service</key> | |
| </entry> | |
| <entry> | |
| <key>el-cs-connect-timeout</key> | |
| </entry> | |
| <entry> | |
| <key>el-cs-socket-timeout</key> | |
| </entry> | |
| <entry> | |
| <key>el-cs-retry-timeout</key> | |
| </entry> | |
| <entry> | |
| <key>el-cs-charset</key> | |
| </entry> | |
| </properties> | |
| <state>DISABLED</state> | |
| <type>org.apache.nifi.elasticsearch.ElasticSearchClientServiceImpl</type> | |
| </controllerServices> | |
| <labels> | |
| <id>1140d5b3-e304-3180-0000-000000000000</id> | |
| <parentGroupId>308545b5-bdca-3d2b-0000-000000000000</parentGroupId> | |
| <position> | |
| <x>18.78833616501612</x> | |
| <y>295.96606586747487</y> | |
| </position> | |
| <height>172.60104370117188</height> | |
| <label>Query Elasticsearch using JSON</label> | |
| <style> | |
| <entry> | |
| <key>font-size</key> | |
| <value>12px</value> | |
| </entry> | |
| </style> | |
| <width>436.27984619140625</width> | |
| </labels> | |
| <labels> | |
| <id>2f6908e2-b5d2-375e-0000-000000000000</id> | |
| <parentGroupId>308545b5-bdca-3d2b-0000-000000000000</parentGroupId> | |
| <position> | |
| <x>807.3354095292738</x> | |
| <y>600.2052321272406</y> | |
| </position> | |
| <height>185.5159149169922</height> | |
| <label>Matched alerts logged to file and sent via email</label> | |
| <style> | |
| <entry> | |
| <key>font-size</key> | |
| <value>12px</value> | |
| </entry> | |
| </style> | |
| <width>920.5878295898438</width> | |
| </labels> | |
| <labels> | |
| <id>31ff5362-3b18-34d9-0000-000000000000</id> | |
| <parentGroupId>308545b5-bdca-3d2b-0000-000000000000</parentGroupId> | |
| <position> | |
| <x>1200.9927581620864</x> | |
| <y>305.0690016584905</y> | |
| </position> | |
| <height>172.60104370117188</height> | |
| <label>Used as our conditional, defined via NiFi expression language</label> | |
| <style> | |
| <entry> | |
| <key>font-size</key> | |
| <value>12px</value> | |
| </entry> | |
| </style> | |
| <width>436.27984619140625</width> | |
| </labels> | |
| <labels> | |
| <id>504875a0-bb73-3e50-0000-000000000000</id> | |
| <parentGroupId>308545b5-bdca-3d2b-0000-000000000000</parentGroupId> | |
| <position> | |
| <x>0.0</x> | |
| <y>240.66749616035602</y> | |
| </position> | |
| <height>593.4108581542969</height> | |
| <label>Alert on Aggregation</label> | |
| <style> | |
| <entry> | |
| <key>background-color</key> | |
| <value>#7ce2fc</value> | |
| </entry> | |
| <entry> | |
| <key>font-size</key> | |
| <value>14px</value> | |
| </entry> | |
| </style> | |
| <width>1738.5302124023438</width> | |
| </labels> | |
| <labels> | |
| <id>a4776276-3172-3d2a-0000-000000000000</id> | |
| <parentGroupId>308545b5-bdca-3d2b-0000-000000000000</parentGroupId> | |
| <position> | |
| <x>581.9083465409925</x> | |
| <y>302.67004535966237</y> | |
| </position> | |
| <height>172.60104370117188</height> | |
| <label>Filter result to pick out the value we'll alert on</label> | |
| <style> | |
| <entry> | |
| <key>font-size</key> | |
| <value>12px</value> | |
| </entry> | |
| </style> | |
| <width>436.27984619140625</width> | |
| </labels> | |
| <labels> | |
| <id>d232778c-f4e8-3f78-0000-000000000000</id> | |
| <parentGroupId>308545b5-bdca-3d2b-0000-000000000000</parentGroupId> | |
| <position> | |
| <x>500.9439947298107</x> | |
| <y>0.0</y> | |
| </position> | |
| <height>225.33682250976562</height> | |
| <label>Email Alert Example</label> | |
| <style> | |
| <entry> | |
| <key>font-size</key> | |
| <value>14px</value> | |
| </entry> | |
| </style> | |
| <width>1121.8448791503906</width> | |
| </labels> | |
| <processors> | |
| <id>0f2c6809-92cd-3055-0000-000000000000</id> | |
| <parentGroupId>308545b5-bdca-3d2b-0000-000000000000</parentGroupId> | |
| <position> | |
| <x>556.8934936378545</x> | |
| <y>60.00931072448307</y> | |
| </position> | |
| <bundle> | |
| <artifact>nifi-elasticsearch-nar</artifact> | |
| <group>org.apache.nifi</group> | |
| <version>1.9.2</version> | |
| </bundle> | |
| <config> | |
| <bulletinLevel>WARN</bulletinLevel> | |
| <comments></comments> | |
| <concurrentlySchedulableTaskCount>1</concurrentlySchedulableTaskCount> | |
| <descriptors> | |
| <entry> | |
| <key>elasticsearch-http-url</key> | |
| <value> | |
| <name>elasticsearch-http-url</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>SSL Context Service</key> | |
| <value> | |
| <identifiesControllerService>org.apache.nifi.ssl.SSLContextService</identifiesControllerService> | |
| <name>SSL Context Service</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>Username</key> | |
| <value> | |
| <name>Username</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>Password</key> | |
| <value> | |
| <name>Password</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>elasticsearch-http-connect-timeout</key> | |
| <value> | |
| <name>elasticsearch-http-connect-timeout</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>elasticsearch-http-response-timeout</key> | |
| <value> | |
| <name>elasticsearch-http-response-timeout</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>proxy-configuration-service</key> | |
| <value> | |
| <identifiesControllerService>org.apache.nifi.proxy.ProxyConfigurationService</identifiesControllerService> | |
| <name>proxy-configuration-service</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>elasticsearch-http-proxy-host</key> | |
| <value> | |
| <name>elasticsearch-http-proxy-host</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>elasticsearch-http-proxy-port</key> | |
| <value> | |
| <name>elasticsearch-http-proxy-port</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>proxy-username</key> | |
| <value> | |
| <name>proxy-username</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>proxy-password</key> | |
| <value> | |
| <name>proxy-password</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>query-es-query</key> | |
| <value> | |
| <name>query-es-query</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>query-es-size</key> | |
| <value> | |
| <name>query-es-size</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>query-es-index</key> | |
| <value> | |
| <name>query-es-index</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>query-es-type</key> | |
| <value> | |
| <name>query-es-type</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>query-es-fields</key> | |
| <value> | |
| <name>query-es-fields</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>query-es-sort</key> | |
| <value> | |
| <name>query-es-sort</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>query-es-limit</key> | |
| <value> | |
| <name>query-es-limit</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>query-es-target</key> | |
| <value> | |
| <name>query-es-target</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>routing-query-info-strategy</key> | |
| <value> | |
| <name>routing-query-info-strategy</name> | |
| </value> | |
| </entry> | |
| </descriptors> | |
| <executionNode>ALL</executionNode> | |
| <lossTolerant>false</lossTolerant> | |
| <penaltyDuration>30 sec</penaltyDuration> | |
| <properties> | |
| <entry> | |
| <key>elasticsearch-http-url</key> | |
| <value>http://localhost:9200</value> | |
| </entry> | |
| <entry> | |
| <key>SSL Context Service</key> | |
| </entry> | |
| <entry> | |
| <key>Username</key> | |
| </entry> | |
| <entry> | |
| <key>Password</key> | |
| </entry> | |
| <entry> | |
| <key>elasticsearch-http-connect-timeout</key> | |
| <value>5 secs</value> | |
| </entry> | |
| <entry> | |
| <key>elasticsearch-http-response-timeout</key> | |
| <value>15 secs</value> | |
| </entry> | |
| <entry> | |
| <key>proxy-configuration-service</key> | |
| </entry> | |
| <entry> | |
| <key>elasticsearch-http-proxy-host</key> | |
| </entry> | |
| <entry> | |
| <key>elasticsearch-http-proxy-port</key> | |
| </entry> | |
| <entry> | |
| <key>proxy-username</key> | |
| </entry> | |
| <entry> | |
| <key>proxy-password</key> | |
| </entry> | |
| <entry> | |
| <key>query-es-query</key> | |
| <value>DestinationAddress:104.20.177.69 AND @timestamp:[now-70s TO now]</value> | |
| </entry> | |
| <entry> | |
| <key>query-es-size</key> | |
| <value>20</value> | |
| </entry> | |
| <entry> | |
| <key>query-es-index</key> | |
| <value>${now():format('yyyy.MM.dd'):prepend('filebeat-')}</value> | |
| </entry> | |
| <entry> | |
| <key>query-es-type</key> | |
| </entry> | |
| <entry> | |
| <key>query-es-fields</key> | |
| </entry> | |
| <entry> | |
| <key>query-es-sort</key> | |
| </entry> | |
| <entry> | |
| <key>query-es-limit</key> | |
| </entry> | |
| <entry> | |
| <key>query-es-target</key> | |
| <value>Flow file content</value> | |
| </entry> | |
| <entry> | |
| <key>routing-query-info-strategy</key> | |
| <value>NEVER</value> | |
| </entry> | |
| </properties> | |
| <runDurationMillis>0</runDurationMillis> | |
| <schedulingPeriod>60 sec</schedulingPeriod> | |
| <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> | |
| <yieldDuration>1 sec</yieldDuration> | |
| </config> | |
| <executionNodeRestricted>false</executionNodeRestricted> | |
| <name>QueryElasticsearchHttp</name> | |
| <relationships> | |
| <autoTerminate>true</autoTerminate> | |
| <name>failure</name> | |
| </relationships> | |
| <relationships> | |
| <autoTerminate>true</autoTerminate> | |
| <name>retry</name> | |
| </relationships> | |
| <relationships> | |
| <autoTerminate>false</autoTerminate> | |
| <name>success</name> | |
| </relationships> | |
| <state>STOPPED</state> | |
| <style/> | |
| <type>org.apache.nifi.processors.elasticsearch.QueryElasticsearchHttp</type> | |
| </processors> | |
| <processors> | |
| <id>11234735-f030-3afe-0000-000000000000</id> | |
| <parentGroupId>308545b5-bdca-3d2b-0000-000000000000</parentGroupId> | |
| <position> | |
| <x>1352.2911030481146</x> | |
| <y>622.2569162039365</y> | |
| </position> | |
| <bundle> | |
| <artifact>nifi-standard-nar</artifact> | |
| <group>org.apache.nifi</group> | |
| <version>1.9.2</version> | |
| </bundle> | |
| <config> | |
| <bulletinLevel>WARN</bulletinLevel> | |
| <comments></comments> | |
| <concurrentlySchedulableTaskCount>1</concurrentlySchedulableTaskCount> | |
| <descriptors> | |
| <entry> | |
| <key>SMTP Hostname</key> | |
| <value> | |
| <name>SMTP Hostname</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>SMTP Port</key> | |
| <value> | |
| <name>SMTP Port</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>SMTP Username</key> | |
| <value> | |
| <name>SMTP Username</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>SMTP Password</key> | |
| <value> | |
| <name>SMTP Password</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>SMTP Auth</key> | |
| <value> | |
| <name>SMTP Auth</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>SMTP TLS</key> | |
| <value> | |
| <name>SMTP TLS</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>SMTP Socket Factory</key> | |
| <value> | |
| <name>SMTP Socket Factory</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>SMTP X-Mailer Header</key> | |
| <value> | |
| <name>SMTP X-Mailer Header</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>attribute-name-regex</key> | |
| <value> | |
| <name>attribute-name-regex</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>Content Type</key> | |
| <value> | |
| <name>Content Type</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>From</key> | |
| <value> | |
| <name>From</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>To</key> | |
| <value> | |
| <name>To</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>CC</key> | |
| <value> | |
| <name>CC</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>BCC</key> | |
| <value> | |
| <name>BCC</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>Subject</key> | |
| <value> | |
| <name>Subject</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>Message</key> | |
| <value> | |
| <name>Message</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>email-ff-content-as-message</key> | |
| <value> | |
| <name>email-ff-content-as-message</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>Attach File</key> | |
| <value> | |
| <name>Attach File</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>Include All Attributes In Message</key> | |
| <value> | |
| <name>Include All Attributes In Message</name> | |
| </value> | |
| </entry> | |
| </descriptors> | |
| <executionNode>ALL</executionNode> | |
| <lossTolerant>false</lossTolerant> | |
| <penaltyDuration>30 sec</penaltyDuration> | |
| <properties> | |
| <entry> | |
| <key>SMTP Hostname</key> | |
| <value>smtp.gmail.com</value> | |
| </entry> | |
| <entry> | |
| <key>SMTP Port</key> | |
| <value>465</value> | |
| </entry> | |
| <entry> | |
| <key>SMTP Username</key> | |
| <value>[email protected]</value> | |
| </entry> | |
| <entry> | |
| <key>SMTP Password</key> | |
| </entry> | |
| <entry> | |
| <key>SMTP Auth</key> | |
| <value>true</value> | |
| </entry> | |
| <entry> | |
| <key>SMTP TLS</key> | |
| <value>false</value> | |
| </entry> | |
| <entry> | |
| <key>SMTP Socket Factory</key> | |
| <value>javax.net.ssl.SSLSocketFactory</value> | |
| </entry> | |
| <entry> | |
| <key>SMTP X-Mailer Header</key> | |
| <value>NiFi</value> | |
| </entry> | |
| <entry> | |
| <key>attribute-name-regex</key> | |
| </entry> | |
| <entry> | |
| <key>Content Type</key> | |
| <value>text/plain</value> | |
| </entry> | |
| <entry> | |
| <key>From</key> | |
| <value>[email protected]</value> | |
| </entry> | |
| <entry> | |
| <key>To</key> | |
| <value>[email protected]</value> | |
| </entry> | |
| <entry> | |
| <key>CC</key> | |
| </entry> | |
| <entry> | |
| <key>BCC</key> | |
| </entry> | |
| <entry> | |
| <key>Subject</key> | |
| <value>Alert!!!</value> | |
| </entry> | |
| <entry> | |
| <key>Message</key> | |
| </entry> | |
| <entry> | |
| <key>email-ff-content-as-message</key> | |
| <value>true</value> | |
| </entry> | |
| <entry> | |
| <key>Attach File</key> | |
| <value>false</value> | |
| </entry> | |
| <entry> | |
| <key>Include All Attributes In Message</key> | |
| <value>false</value> | |
| </entry> | |
| </properties> | |
| <runDurationMillis>0</runDurationMillis> | |
| <schedulingPeriod>0 sec</schedulingPeriod> | |
| <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> | |
| <yieldDuration>1 sec</yieldDuration> | |
| </config> | |
| <executionNodeRestricted>false</executionNodeRestricted> | |
| <name>PutEmail</name> | |
| <relationships> | |
| <autoTerminate>true</autoTerminate> | |
| <name>failure</name> | |
| </relationships> | |
| <relationships> | |
| <autoTerminate>true</autoTerminate> | |
| <name>success</name> | |
| </relationships> | |
| <state>STOPPED</state> | |
| <style/> | |
| <type>org.apache.nifi.processors.standard.PutEmail</type> | |
| </processors> | |
| <processors> | |
| <id>3cf542d0-aaac-3bae-0000-000000000000</id> | |
| <parentGroupId>308545b5-bdca-3d2b-0000-000000000000</parentGroupId> | |
| <position> | |
| <x>1247.6495014856146</x> | |
| <y>62.365528264483345</y> | |
| </position> | |
| <bundle> | |
| <artifact>nifi-standard-nar</artifact> | |
| <group>org.apache.nifi</group> | |
| <version>1.9.2</version> | |
| </bundle> | |
| <config> | |
| <bulletinLevel>WARN</bulletinLevel> | |
| <comments></comments> | |
| <concurrentlySchedulableTaskCount>1</concurrentlySchedulableTaskCount> | |
| <descriptors> | |
| <entry> | |
| <key>SMTP Hostname</key> | |
| <value> | |
| <name>SMTP Hostname</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>SMTP Port</key> | |
| <value> | |
| <name>SMTP Port</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>SMTP Username</key> | |
| <value> | |
| <name>SMTP Username</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>SMTP Password</key> | |
| <value> | |
| <name>SMTP Password</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>SMTP Auth</key> | |
| <value> | |
| <name>SMTP Auth</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>SMTP TLS</key> | |
| <value> | |
| <name>SMTP TLS</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>SMTP Socket Factory</key> | |
| <value> | |
| <name>SMTP Socket Factory</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>SMTP X-Mailer Header</key> | |
| <value> | |
| <name>SMTP X-Mailer Header</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>attribute-name-regex</key> | |
| <value> | |
| <name>attribute-name-regex</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>Content Type</key> | |
| <value> | |
| <name>Content Type</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>From</key> | |
| <value> | |
| <name>From</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>To</key> | |
| <value> | |
| <name>To</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>CC</key> | |
| <value> | |
| <name>CC</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>BCC</key> | |
| <value> | |
| <name>BCC</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>Subject</key> | |
| <value> | |
| <name>Subject</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>Message</key> | |
| <value> | |
| <name>Message</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>email-ff-content-as-message</key> | |
| <value> | |
| <name>email-ff-content-as-message</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>Attach File</key> | |
| <value> | |
| <name>Attach File</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>Include All Attributes In Message</key> | |
| <value> | |
| <name>Include All Attributes In Message</name> | |
| </value> | |
| </entry> | |
| </descriptors> | |
| <executionNode>ALL</executionNode> | |
| <lossTolerant>false</lossTolerant> | |
| <penaltyDuration>30 sec</penaltyDuration> | |
| <properties> | |
| <entry> | |
| <key>SMTP Hostname</key> | |
| <value>smtp.gmail.com</value> | |
| </entry> | |
| <entry> | |
| <key>SMTP Port</key> | |
| <value>465</value> | |
| </entry> | |
| <entry> | |
| <key>SMTP Username</key> | |
| <value>[email protected]</value> | |
| </entry> | |
| <entry> | |
| <key>SMTP Password</key> | |
| </entry> | |
| <entry> | |
| <key>SMTP Auth</key> | |
| <value>true</value> | |
| </entry> | |
| <entry> | |
| <key>SMTP TLS</key> | |
| <value>false</value> | |
| </entry> | |
| <entry> | |
| <key>SMTP Socket Factory</key> | |
| <value>javax.net.ssl.SSLSocketFactory</value> | |
| </entry> | |
| <entry> | |
| <key>SMTP X-Mailer Header</key> | |
| <value>NiFi</value> | |
| </entry> | |
| <entry> | |
| <key>attribute-name-regex</key> | |
| </entry> | |
| <entry> | |
| <key>Content Type</key> | |
| <value>text/plain</value> | |
| </entry> | |
| <entry> | |
| <key>From</key> | |
| <value>[email protected]</value> | |
| </entry> | |
| <entry> | |
| <key>To</key> | |
| </entry> | |
| <entry> | |
| <key>CC</key> | |
| </entry> | |
| <entry> | |
| <key>BCC</key> | |
| </entry> | |
| <entry> | |
| <key>Subject</key> | |
| <value>Alert!!!</value> | |
| </entry> | |
| <entry> | |
| <key>Message</key> | |
| </entry> | |
| <entry> | |
| <key>email-ff-content-as-message</key> | |
| <value>true</value> | |
| </entry> | |
| <entry> | |
| <key>Attach File</key> | |
| <value>false</value> | |
| </entry> | |
| <entry> | |
| <key>Include All Attributes In Message</key> | |
| <value>false</value> | |
| </entry> | |
| </properties> | |
| <runDurationMillis>0</runDurationMillis> | |
| <schedulingPeriod>0 sec</schedulingPeriod> | |
| <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> | |
| <yieldDuration>1 sec</yieldDuration> | |
| </config> | |
| <executionNodeRestricted>false</executionNodeRestricted> | |
| <name>PutEmail</name> | |
| <relationships> | |
| <autoTerminate>true</autoTerminate> | |
| <name>failure</name> | |
| </relationships> | |
| <relationships> | |
| <autoTerminate>true</autoTerminate> | |
| <name>success</name> | |
| </relationships> | |
| <state>STOPPED</state> | |
| <style/> | |
| <type>org.apache.nifi.processors.standard.PutEmail</type> | |
| </processors> | |
| <processors> | |
| <id>657e33f5-2d83-37d8-0000-000000000000</id> | |
| <parentGroupId>308545b5-bdca-3d2b-0000-000000000000</parentGroupId> | |
| <position> | |
| <x>1232.7872708610962</x> | |
| <y>331.48188266500017</y> | |
| </position> | |
| <bundle> | |
| <artifact>nifi-standard-nar</artifact> | |
| <group>org.apache.nifi</group> | |
| <version>1.9.2</version> | |
| </bundle> | |
| <config> | |
| <bulletinLevel>WARN</bulletinLevel> | |
| <comments></comments> | |
| <concurrentlySchedulableTaskCount>1</concurrentlySchedulableTaskCount> | |
| <descriptors> | |
| <entry> | |
| <key>Routing Strategy</key> | |
| <value> | |
| <name>Routing Strategy</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>matched</key> | |
| <value> | |
| <name>matched</name> | |
| </value> | |
| </entry> | |
| </descriptors> | |
| <executionNode>ALL</executionNode> | |
| <lossTolerant>false</lossTolerant> | |
| <penaltyDuration>30 sec</penaltyDuration> | |
| <properties> | |
| <entry> | |
| <key>Routing Strategy</key> | |
| <value>Route to Property name</value> | |
| </entry> | |
| <entry> | |
| <key>matched</key> | |
| <value>${avg:gt(100)}</value> | |
| </entry> | |
| </properties> | |
| <runDurationMillis>0</runDurationMillis> | |
| <schedulingPeriod>0 sec</schedulingPeriod> | |
| <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> | |
| <yieldDuration>1 sec</yieldDuration> | |
| </config> | |
| <executionNodeRestricted>false</executionNodeRestricted> | |
| <name>RouteOnAttribute</name> | |
| <relationships> | |
| <autoTerminate>false</autoTerminate> | |
| <name>matched</name> | |
| </relationships> | |
| <relationships> | |
| <autoTerminate>true</autoTerminate> | |
| <name>unmatched</name> | |
| </relationships> | |
| <state>STOPPED</state> | |
| <style/> | |
| <type>org.apache.nifi.processors.standard.RouteOnAttribute</type> | |
| </processors> | |
| <processors> | |
| <id>778ed3fd-8ebe-3393-0000-000000000000</id> | |
| <parentGroupId>308545b5-bdca-3d2b-0000-000000000000</parentGroupId> | |
| <position> | |
| <x>839.187465352802</x> | |
| <y>624.4746133474912</y> | |
| </position> | |
| <bundle> | |
| <artifact>nifi-standard-nar</artifact> | |
| <group>org.apache.nifi</group> | |
| <version>1.9.2</version> | |
| </bundle> | |
| <config> | |
| <bulletinLevel>WARN</bulletinLevel> | |
| <comments></comments> | |
| <concurrentlySchedulableTaskCount>1</concurrentlySchedulableTaskCount> | |
| <descriptors> | |
| <entry> | |
| <key>Directory</key> | |
| <value> | |
| <name>Directory</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>Conflict Resolution Strategy</key> | |
| <value> | |
| <name>Conflict Resolution Strategy</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>Create Missing Directories</key> | |
| <value> | |
| <name>Create Missing Directories</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>Maximum File Count</key> | |
| <value> | |
| <name>Maximum File Count</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>Last Modified Time</key> | |
| <value> | |
| <name>Last Modified Time</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>Permissions</key> | |
| <value> | |
| <name>Permissions</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>Owner</key> | |
| <value> | |
| <name>Owner</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>Group</key> | |
| <value> | |
| <name>Group</name> | |
| </value> | |
| </entry> | |
| </descriptors> | |
| <executionNode>ALL</executionNode> | |
| <lossTolerant>false</lossTolerant> | |
| <penaltyDuration>30 sec</penaltyDuration> | |
| <properties> | |
| <entry> | |
| <key>Directory</key> | |
| <value>/tmp</value> | |
| </entry> | |
| <entry> | |
| <key>Conflict Resolution Strategy</key> | |
| <value>fail</value> | |
| </entry> | |
| <entry> | |
| <key>Create Missing Directories</key> | |
| <value>true</value> | |
| </entry> | |
| <entry> | |
| <key>Maximum File Count</key> | |
| </entry> | |
| <entry> | |
| <key>Last Modified Time</key> | |
| </entry> | |
| <entry> | |
| <key>Permissions</key> | |
| </entry> | |
| <entry> | |
| <key>Owner</key> | |
| </entry> | |
| <entry> | |
| <key>Group</key> | |
| </entry> | |
| </properties> | |
| <runDurationMillis>0</runDurationMillis> | |
| <schedulingPeriod>0 sec</schedulingPeriod> | |
| <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> | |
| <yieldDuration>1 sec</yieldDuration> | |
| </config> | |
| <executionNodeRestricted>false</executionNodeRestricted> | |
| <name>PutFile</name> | |
| <relationships> | |
| <autoTerminate>true</autoTerminate> | |
| <name>failure</name> | |
| </relationships> | |
| <relationships> | |
| <autoTerminate>true</autoTerminate> | |
| <name>success</name> | |
| </relationships> | |
| <state>STOPPED</state> | |
| <style/> | |
| <type>org.apache.nifi.processors.standard.PutFile</type> | |
| </processors> | |
| <processors> | |
| <id>90352099-9a2b-37ad-0000-000000000000</id> | |
| <parentGroupId>308545b5-bdca-3d2b-0000-000000000000</parentGroupId> | |
| <position> | |
| <x>615.0254351699863</x> | |
| <y>331.4819725586667</y> | |
| </position> | |
| <bundle> | |
| <artifact>nifi-standard-nar</artifact> | |
| <group>org.apache.nifi</group> | |
| <version>1.9.2</version> | |
| </bundle> | |
| <config> | |
| <bulletinLevel>WARN</bulletinLevel> | |
| <comments></comments> | |
| <concurrentlySchedulableTaskCount>1</concurrentlySchedulableTaskCount> | |
| <descriptors> | |
| <entry> | |
| <key>Destination</key> | |
| <value> | |
| <name>Destination</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>Return Type</key> | |
| <value> | |
| <name>Return Type</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>Path Not Found Behavior</key> | |
| <value> | |
| <name>Path Not Found Behavior</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>Null Value Representation</key> | |
| <value> | |
| <name>Null Value Representation</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>avg</key> | |
| <value> | |
| <name>avg</name> | |
| </value> | |
| </entry> | |
| </descriptors> | |
| <executionNode>ALL</executionNode> | |
| <lossTolerant>false</lossTolerant> | |
| <penaltyDuration>30 sec</penaltyDuration> | |
| <properties> | |
| <entry> | |
| <key>Destination</key> | |
| <value>flowfile-attribute</value> | |
| </entry> | |
| <entry> | |
| <key>Return Type</key> | |
| <value>auto-detect</value> | |
| </entry> | |
| <entry> | |
| <key>Path Not Found Behavior</key> | |
| <value>ignore</value> | |
| </entry> | |
| <entry> | |
| <key>Null Value Representation</key> | |
| <value>empty string</value> | |
| </entry> | |
| <entry> | |
| <key>avg</key> | |
| <value>$.2.buckets[0].1.value</value> | |
| </entry> | |
| </properties> | |
| <runDurationMillis>0</runDurationMillis> | |
| <schedulingPeriod>0 sec</schedulingPeriod> | |
| <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> | |
| <yieldDuration>1 sec</yieldDuration> | |
| </config> | |
| <executionNodeRestricted>false</executionNodeRestricted> | |
| <name>EvaluateJsonPath</name> | |
| <relationships> | |
| <autoTerminate>true</autoTerminate> | |
| <name>failure</name> | |
| </relationships> | |
| <relationships> | |
| <autoTerminate>false</autoTerminate> | |
| <name>matched</name> | |
| </relationships> | |
| <relationships> | |
| <autoTerminate>true</autoTerminate> | |
| <name>unmatched</name> | |
| </relationships> | |
| <state>STOPPED</state> | |
| <style/> | |
| <type>org.apache.nifi.processors.standard.EvaluateJsonPath</type> | |
| </processors> | |
| <processors> | |
| <id>d0a5f829-f316-3fbb-0000-000000000000</id> | |
| <parentGroupId>308545b5-bdca-3d2b-0000-000000000000</parentGroupId> | |
| <position> | |
| <x>37.084568223370695</x> | |
| <y>323.94829060446796</y> | |
| </position> | |
| <bundle> | |
| <artifact>nifi-elasticsearch-restapi-nar</artifact> | |
| <group>org.apache.nifi</group> | |
| <version>1.9.2</version> | |
| </bundle> | |
| <config> | |
| <bulletinLevel>WARN</bulletinLevel> | |
| <comments></comments> | |
| <concurrentlySchedulableTaskCount>1</concurrentlySchedulableTaskCount> | |
| <descriptors> | |
| <entry> | |
| <key>el-rest-query</key> | |
| <value> | |
| <name>el-rest-query</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>el-query-attribute</key> | |
| <value> | |
| <name>el-query-attribute</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>el-rest-fetch-index</key> | |
| <value> | |
| <name>el-rest-fetch-index</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>el-rest-type</key> | |
| <value> | |
| <name>el-rest-type</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>el-rest-client-service</key> | |
| <value> | |
| <identifiesControllerService>org.apache.nifi.elasticsearch.ElasticSearchClientService</identifiesControllerService> | |
| <name>el-rest-client-service</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>el-rest-split-up-hits</key> | |
| <value> | |
| <name>el-rest-split-up-hits</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>el-rest-split-up-aggregations</key> | |
| <value> | |
| <name>el-rest-split-up-aggregations</name> | |
| </value> | |
| </entry> | |
| </descriptors> | |
| <executionNode>ALL</executionNode> | |
| <lossTolerant>false</lossTolerant> | |
| <penaltyDuration>30 sec</penaltyDuration> | |
| <properties> | |
| <entry> | |
| <key>el-rest-query</key> | |
| <value>{ | |
| "size": 0, | |
| "_source": { | |
| "excludes": [] | |
| }, | |
| "aggs": { | |
| "2": { | |
| "terms": { | |
| "field": "SourceAddress", | |
| "size": 20, | |
| "order": { | |
| "_term": "desc" | |
| } | |
| }, | |
| "aggs": { | |
| "1": { | |
| "avg": { | |
| "field": "Bytes" | |
| } | |
| } | |
| } | |
| } | |
| }, | |
| "stored_fields": [ | |
| "*" | |
| ], | |
| "script_fields": {}, | |
| "docvalue_fields": [ | |
| "@timestamp", | |
| "GenerateTime", | |
| "ReceiveTime", | |
| "StartTime", | |
| "TimeLogged" | |
| ], | |
| "query": { | |
| "bool": { | |
| "must": [ | |
| { | |
| "query_string": { | |
| "query": "_exists_:Bytes AND SourceAddress:78.133.112.106", | |
| "analyze_wildcard": true, | |
| "default_field": "*" | |
| } | |
| }, | |
| { | |
| "range": { | |
| "@timestamp": { | |
| "gte": 1554930000000, | |
| "lte": 1555016399999, | |
| "format": "epoch_millis" | |
| } | |
| } | |
| } | |
| ], | |
| "filter": [], | |
| "should": [], | |
| "must_not": [] | |
| } | |
| } | |
| }</value> | |
| </entry> | |
| <entry> | |
| <key>el-query-attribute</key> | |
| <value>agg_result</value> | |
| </entry> | |
| <entry> | |
| <key>el-rest-fetch-index</key> | |
| <value>${now():format('yyyy.MM.dd'):prepend('filebeat-')}</value> | |
| </entry> | |
| <entry> | |
| <key>el-rest-type</key> | |
| </entry> | |
| <entry> | |
| <key>el-rest-client-service</key> | |
| <value>7b43a0f0-ecea-3747-0000-000000000000</value> | |
| </entry> | |
| <entry> | |
| <key>el-rest-split-up-hits</key> | |
| <value>splitUp-no</value> | |
| </entry> | |
| <entry> | |
| <key>el-rest-split-up-aggregations</key> | |
| <value>splitUp-no</value> | |
| </entry> | |
| </properties> | |
| <runDurationMillis>0</runDurationMillis> | |
| <schedulingPeriod>60 sec</schedulingPeriod> | |
| <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> | |
| <yieldDuration>1 sec</yieldDuration> | |
| </config> | |
| <executionNodeRestricted>false</executionNodeRestricted> | |
| <name>JsonQueryElasticsearch</name> | |
| <relationships> | |
| <autoTerminate>false</autoTerminate> | |
| <name>aggregations</name> | |
| </relationships> | |
| <relationships> | |
| <autoTerminate>true</autoTerminate> | |
| <name>failure</name> | |
| </relationships> | |
| <relationships> | |
| <autoTerminate>true</autoTerminate> | |
| <name>hits</name> | |
| </relationships> | |
| <relationships> | |
| <autoTerminate>true</autoTerminate> | |
| <name>original</name> | |
| </relationships> | |
| <state>STOPPED</state> | |
| <style/> | |
| <type>org.apache.nifi.processors.elasticsearch.JsonQueryElasticsearch</type> | |
| </processors> | |
| </snippet> | |
| <timestamp>07/09/2019 09:22:44 EEST</timestamp> | |
| </template> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment