- Added back customFields support for The Hive
- Added back TheHive alerter without TheHive4py library
- Integration with Kibana Discover app
- Addied ability to specify opsgenie alert details
- Fix some encoding issues with command alerter
- Better error messages for missing config file
- Fixed an issue with run_every not applying per-rule
- Fixed an issue with rules not being removed
- Fixed an issue with top count keys and nested query keys
- Various documentation fixes
- Fixed an issue with not being able to use spike aggregation
- Remove The Hive alerter
- Fixed an AttributeError introduced in 0.2.0
- Switched to Python 3
- Add rule loader class for customized rule loading
- Added thread based rules and limit_execution
- Run_every can now be customized per rule
- Various small fixes
- Added spike alerts for metric aggregations
- Allow SSL connections for Stomp
- Allow limits on alert text length
- Add optional min doc count for terms queries
- Add ability to index into arrays for alert_text_args, etc
- Fixed bug involving --config flag with create-index
- Fixed some settings not being inherited from the config properly
- Some fixes for Hive alerter
- Close SMTP connections properly
- Fix timestamps in Pagerduty v2 payload
- Fixed an bug causing aggregated alerts to mix up
- Added PagerTree alerter
- Added Line alerter
- Added more customizable logging
- Added new logic in test-rule to detemine the default timeframe
- Fixed an issue causing buffer_time to sometimes be ignored
- Added more options for Opsgenie alerter
- Added more pagerduty options
- Added ability to add metadata to elastalert logs
- Fixed some documentation to be more clear
- Stop requiring doc_type for metric aggregations
- No longer puts quotes around regex terms in blacklists or whitelists
- Added a prefix "metric_" to the key used for metric aggregations to avoid possible conflicts
- Added option to skip Alerta certificate validation
- Fixed a typo in the documentation for spike rule
- Fixed an issue preventing new term rule from working with terms query
- Added prefix/suffix support for summary table
- Added support for ignoring SSL validation in Slack
- More visible exceptions during query parse failures
- Fixed top_count_keys when using compound query_key
- Fixed num_hits sometimes being reported too low
- Fixed an issue with setting ES_USERNAME via env
- Fixed an issue when using test script with custom timestamps
- Fixed a unicode error when using Telegram
- Fixed an issue with jsonschema version conflict
- Fixed an issue with nested timestamps in cardinality type
- Added ability to pipe alert text to a command
- Add --start and --end support for elastalert-test-rule
- Added ability to turn blacklist/whitelist files into queries for better performance
- Allow setting of OpsGenie priority
- Add ability to query the adjacent index if timestamp_field not used for index timestamping
- Add support for pagerduty v2
- Add option to turn off .raw/.keyword field postfixing in new term rule
- Added --use-downloaded feature for elastalert-test-rule
- Fixed a bug that caused num_hits in matches to sometimes be erroneously small
- Fixed an issue with HTTP Post alerter that could cause it to hang indefinitely
- Fixed some issues with string formatting for various alerters
- Fixed a couple of incorrect parts of the documentation
- Add support for setting ES url prefix via environment var
- Add support for using native Slack fields in alerts
- Fixed a bug that would could scrolling queries to sometimes terminate early
- Added ability to add start date to new term rule
- Fixed a bug in create_index which would try to delete a nonexistent index
- Apply filters to new term rule all terms query
- Support Elasticsearch 6 for new term rule
- Fixed is_enabled not working on rule changes
- Alerta alerter
- Added support for transitioning JIRA issues
- Option to recreate index in elastalert-create-index
- Update jira_ custom fields before each alert if they were modified
- Use json instead of simplejson
- Allow for relative path for smtp_auth_file
- Fixed some grammar issues
- Better code formatting of index mappings
- Better formatting and size limit for HipChat HTML
- Fixed gif link in readme for kibana plugin
- Fixed elastalert-test-rule with Elasticsearch > 4
- Added documentation for is_enabled option
- Added a feature forget_keys to prevent realerting when using flatline with query_key
- Added a new alert_text_type, aggregation_summary_only
- Fixed incorrect documentation about es_conn_timeout default
- Added support for Stride formatting of simple HTML tags
- Added support for custom titles in Opsgenie alerts
- Added a denominator to percentage match based alerts
- Fixed a bug with Stomp alerter connections
- Removed escaping of some characaters in Slack messages
- Added support for a value other than in formatted alerts
- Fixed a failed creation of elastalert indicies when using Elasticsearch 6
- Truncate Telegram alerts to avoid API errors
- Added support for Elasticsearch 6
- Added support for mentions in Hipchat
- Fixed an issue where a nested field lookup would crash if one of the intermediate fields was null
- Fixed a bug causing new term rule to break unless you passed a start time
- Add a slight clarification on the localhost:9200 reported in es_debug_trace
- Pinned pytest
- create-index reads index name from config.yaml
- top_count_keys now works for context on a flatline rule type
- Fixed JIRA behavior for issues with statuses that have spaces in the name
- Added Stride alerter
- Allow custom string formatters for aggregation percentage
- Added a field to disable rules from config
- Added support for subaggregations for the metric rule type
- Fixed a bug causing create-index to fail if missing config.yaml
- Fixed a bug when using ES5 with query_key and top_count_keys
- Allow enhancements to set and clear arbitrary JIRA fields
- Fixed a bug causing timestamps to be formatted in scientific notation
- Stop attempting to initialize alerters in debug mode
- Changed default alert ordering so that JIRA tickets end up in other alerts
- Fixed a bug when using Stomp alerter with complex query_key
- Fixed a bug preventing hipchat room ID from being an integer
- Fixed a bug causing duplicate alerts when using spike with alert_on_new_data
- Minor fixes to summary table formatting
- Fixed elastalert-test-rule when using new term rule type
- Fixed an incomplete bug fix for preventing duplicate enhancement runs
- Added support for client TLS keys
- Fixed the formatting of summary tables in Slack
- Fixed ES_USE_SSL env variable
- Fixed the unique value count printed by new_term rule type
- Jira alerter no longer uses the non-existent json code formatter
- Added support for populating JIRA fields via fields in the match
- Added support for using a TLS certificate file for SMTP connections
- Allow a custom suffix for non-analyzed Elasticsearch fields, like ".raw" or ".keyword"
- Added match_time to Elastalert alert documents in Elasticsearch
- Fixed an error in the documentation for rule importing
- Prevent enhancements from re-running on retried alerts
- Fixed a bug when using custom timestamp formats and new term rule
- Lowered jira_bump_after_inactivity default to 0 days
- Added a new alerter "post" based on "simple" which makes POSTS JSON to HTTP endpoints
- Added an option jira_bump_after_inacitivty to prevent ElastAlert commenting on active JIRA tickets
- Removed "simple" alerter, replaced by "post"
- Added a --patience flag to allow Elastalert to wait for Elasticsearch to become available
- Allow custom PagerDuty alert titles via alert_subject
- Fixed a bug where JIRA titles might not use query_key values
- Fixed a bug where flatline alerts don't respect query_key for realert
- Fixed a typo "twilio_accout_sid"
- Added support for env variables in kibana4 dashboard links
- Added ca_certs option for custom CA support
- Fixed a bug where Elastalert would crash on connection error during startup
- Fixed some typos in documentation
- Fixed a bug in metric bucket offset calculation
- Fixed a TypeError in Service Now alerter
- Added support for compound compare key in change rules
- Added support for absolute paths in rule config imports
- Added Microsoft Teams alerter
- Added support for markdown in Slack alerts
- Added error codes to test script
- Added support for lists in email_from_field
- Twilio alerter uses the from number appropriately
- Fixed a TypeError in SNS alerter
- Some changes to requirements.txt and setup.py
- Fixed a TypeError in new term rule
- Set a custom pagerduty incident key
- Preserve traceback in most exceptions
- Fixed a bug causing filters to be ignored when using Elasticsearch 5
- Fixed an issue that would cause filters starting with "query" to sometimes throw errors in ES5
- Fixed a bug with multiple versions of ES on different rules
- Fixed a possible KeyError when using use_terms_query with ES5
- Fixed an AttributeError occuring with older versions of Elasticsearch library
- Made example rules more consistent and with unique names
- Fixed an error caused by a typo when es_username is used
- Added a changelog
- Added metric aggregation rule type
- Added percentage match rule type
- Added default doc style and improved the instructions
- Rule names will default to the filename
- Added import keyword in rules to include sections from other files
- Added email_from_field option to derive the recipient from a field in the match
- Added simple HTTP alerter
- Added Exotel SMS alerter
- Added a readme link to third party Kibana plugin
- Added option to use env variables to configure some settings
- Added duplicate hits count in log line
- Fixed a bug in change rule where a boolean false would be ignored
- Clarify documentation on format of alert_text_args and alert_text_kw
- Fixed a bug preventing new silence stashes from being loaded after a rule has previous alerted
- Changed the default es_host in elastalert-test-rule to localhost
- Fixed a bug preventing ES <5.0 formatted queries working in elastalert-test-rule
- Fixed top_count_keys adding .raw on ES >5.0, uses .keyword instead
- Fixed a bug causing compound aggregation keys not to work
- Better error reporting for the Jira alerter
- AWS request signing now refreshes credentials, uses boto3
- Support multiple ES versions on different rules
- Added documentation for percentage match rule type
- Removed a feature that would disable writeback_es on errors, causing various issues