elastalert-test-rule(1)

Section 1 elastalert bookworm source

ELASTALERT-TEST-RULE

NAME

elastalert-test-rule - elastalert-test-rule

DESCRIPTION

usage: elastalert-test-rule [-h] [--schema-only] [--days DAYS] [--start START]
                            [--end END] [--stop-error] [--formatted-output]
                            [--data FILENAME] [--alert] [--save-json FILENAME]
                            [--use-downloaded] [--max-query-size MAX_QUERY_SIZE]
                            [--count-only] [--config CONFIG]
                            rule

Validate a rule configuration

positional arguments:

rule

rule configuration filename

options:

-h, --help

show this help message and exit

--schema-only

Show only schema errors; do not run query

--days DAYS

Query the previous N days with this rule

--start START

YYYY-MM-DDTHH:MM:SS Start querying from this timestamp.

--end END

YYYY-MM-DDTHH:MM:SS Query to this timestamp. (Default: present) Use "NOW" to start from current time. (Default: present)

--stop-error

Stop the entire test right after the first error

--formatted-output

Output results in formatted JSON

--data FILENAME

A JSON file containing data to run the rule against

--alert

Use actual alerts instead of debug output

--save-json FILENAME

A file to which documents from the last day or --days will be saved

--use-downloaded

Use the downloaded

--max-query-size MAX_QUERY_SIZE

Maximum size of any query

--count-only

Only display the number of documents matching the filter

--config CONFIG

Global config file.