Realtime Alerts #25
Comments
This is a great idea. In your mind, how would that work? The way it works typically with UBA products is you can set an email string for an alert type, or model, which may consist of multiple email addresses. We can add a section to the settings page, where you can enter email groups. That way we can have several email groups you can set for each model job. Thoughts welcomed on this! Tagging @kaiiyer. Also @Prinstan, feel free to make a pull request, and put your thoughts down in pseudo code if you want. We will collab on it. |
Yeah, I think it's cool to have an alert system. Like UBA gives a score to an account out of 100 (suppose). If the score is below 30, well and good, so a low alert or no alert. Up to 70 will be a high alert, and if the score exceeds 70, a critical alert. |
Good point @kaiiyer. This relates to the risk.py file, we can make another alert.py file that Risk imports. Let's think about how that fits into the workflow. Probably have an alert job itself that runs after a model jobs. The alert job will analyze all model results, and check for alert criteria to be satisfied... high level thoughts.... @Pristin you wanna help, or would just like us to keep you updated? What made you think of this feature? Just curious. |
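A sketch of the alert job discussed in the comments above, added here as an example and not code from the project: it applies the score bands suggested in the thread, looks up a per-model email group, and builds (without sending) one message per alert. The model names, addresses, result fields and the choice to send nothing for the low band are assumptions.

```python
from email.message import EmailMessage

# Constructed settings: one email group per model job (hypothetical names).
EMAIL_GROUPS = {
    "login_anomaly": ["soc@example.org", "iam-team@example.org"],
    "data_exfil": ["soc@example.org"],
}

def severity(score):
    """Map a 0-100 risk score to the bands proposed in the thread."""
    if not 0 <= score <= 100:
        raise ValueError(f"score out of range: {score}")
    if score < 30:
        return "low"
    if score <= 70:
        return "high"
    return "critical"

def clean(value):
    """Drop CR/LF and other control characters: account names come from logs,
    and a crafted name must not be able to add mail headers or abort the job."""
    return "".join(ch for ch in str(value) if ch.isprintable())

def run_alert_job(model_results, groups=EMAIL_GROUPS, sender="uba-alerts@example.org"):
    """Run after the model jobs; return one EmailMessage per alertable result."""
    messages = []
    for result in model_results:
        level = severity(result["score"])
        recipients = groups.get(result["model"], [])
        if level == "low" or not recipients:
            continue  # below the alert threshold, or no group configured
        account = clean(result["account"])
        msg = EmailMessage()
        msg["From"] = sender
        msg["To"] = ", ".join(recipients)
        msg["Subject"] = f"[{level.upper()}] {clean(result['model'])}: {account}"
        msg.set_content(f"Account {account} scored {result['score']}/100.")
        messages.append(msg)
    return messages

# Constructed model output: a boundary score, a hostile account name,
# and a model with no email group configured.
SAMPLE_RESULTS = [
    {"model": "login_anomaly", "account": "alice", "score": 12},
    {"model": "login_anomaly", "account": "bob", "score": 70},
    {"model": "data_exfil", "account": "eve\r\nBcc: x@example.net", "score": 91},
    {"model": "unmapped_model", "account": "carol", "score": 95},
]
```

A critical result for a model with no configured group is dropped silently here; a real job would want a fallback group so that case still reaches someone.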
Hello Team,
I would like to help you,
But I have very little experience in Python but I belong to security domain
and hence I suggested this feature.
Can anyone help me set up the environment, if need be I will learn Python
Because this project has interested me a lot
|
We should have SMTP configurations in settings.
And a tab for Alerts and Notification.
|
@Prinstan By setting up the environment, you mean to start working on this project, right? Just fork the repo and run it locally by following instructions here. No additional setup is required if you have Python and Node already. |
No worries, working on it. Will keep this issue updated. |
ElastAlert is a simple framework for alerting on anomalies, spikes, or other patterns of interest from data in Elasticsearch. Let me know if this helps you @Jovonni |
Will be looking deeper into ElastAlert. I like how they have integrations for several platforms, like Slack for example. Might be a bit redundant since it focuses on Elastic, and Elastic has their own alerting mechanism now with the 7.x versions, and we can invoke that functionality via REST. ElastAlert may have been ahead of its time! Great project to use for inspiration! Thank you @Prinstan 👏🏾 |
Can we have a realtime alert mechanism via email?