Add realert_key feature

[Goggin]

Description

Add realert_key option to rules that defaults to the rule name. Allows you to reuse the silence cache for multiple rules. We use this for account lockouts, if a user triggers multiple lockout rules, we don't want to call the lockout scripts multiple times.

Checklist

• I have reviewed the contributing guidelines.
• I have included unit tests for my changes or additions.
• I have successfully run make test-docker with my changes.
• I have manually tested all relevant modes of the change in this PR.
• I have updated the documentation.
• I have updated the changelog.

Questions or Comments

Unsure if I need to write a specific test for this, since it is just a modification of what is set in the silence_cache_key, but I can write one if desired.

[jertel]

I'm wondering if this line 1680, and line 888, should also use the new rule['realert_key'] instead of rule['name']. If you made that change it would let users run elastalert from the command line, with the silence args and still silence an entire group of alerts instead of only one alert. For backward compatibility, line 888 could still check for rule['name'] + "._silence" so that pre-upgrade silenced rules remain silenced after the upgrade, but also check for `rule['realert_key'] + "._silence". Thoughts?

I can see how this contribution could be useful to some folks. Thanks for submitting the PR!

[Goggin]

I didn't do it for that because they may just want to manually silence a specific rule. Maybe there needs to be an option for both ?

[jertel]

Ok, that's fine with me to leave it as-is. I'll leave this open through tomorrow for any others to review.

[Goggin]

Sounds good to me. Thanks for your quick reply in anycase.