Fix the empty compound_query_key value #3017
Closed
Commits on Oct 29, 2020
-
Fix the empty compound_query_key value
With the existing codes, the rule['compound_compare_key'] is empty when we have only one query_key in the yaml config. And it breaks the custom_format function and hence throwing the exception. ERROR:root:Traceback (most recent call last): File "/usr/local/home/user/lib64/python3.6/site-packages/elastalert/elastalert.py", line 1458, in alert return self.send_alert(matches, rule, alert_time=alert_time, retried=retried) File "/usr/local/home/user/lib64/python3.6/site-packages/elastalert/elastalert.py", line 1527, in send_alert enhancement.process(match) File "/usr/local/home/user/lib64/python3.6/site-packages/elast_format/custom_format.py", line 117, in process total_hit_real_key = match[self.rule['query_key']] KeyError: 'query_key' It seems that the rule['compound_query_key'] is required all time for various functions to be executed if there is at least one. I have rolled back the change to the previous working one logic, it seems the deletion of rule['query_key'] is not necessary.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.