.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.49.2.
.TH ELASTALERT-TEST-RULE "1" "December 2022" "elastalert-test-rule 0.2.4-3" "User Commands"
.SH NAME
elastalert-test-rule \- elastalert-test-rule
.SH DESCRIPTION
usage: elastalert\-test\-rule [\-h] [\-\-schema\-only] [\-\-days DAYS] [\-\-start START]
.TP
[\-\-end END] [\-\-stop\-error] [\-\-formatted\-output]
[\-\-data FILENAME] [\-\-alert] [\-\-save\-json FILENAME]
[\-\-use\-downloaded]
[\-\-max\-query\-size MAX_QUERY_SIZE] [\-\-count\-only]
[\-\-config CONFIG]
rule
.PP
Validate a rule configuration
.SS "positional arguments:"
.TP
rule
rule configuration filename
.SS "options:"
.TP
\fB\-h\fR, \fB\-\-help\fR
show this help message and exit
.TP
\fB\-\-schema\-only\fR
Show only schema errors; do not run query
.TP
\fB\-\-days\fR DAYS
Query the previous N days with this rule
.TP
\fB\-\-start\fR START
YYYY\-MM\-DDTHH:MM:SS Start querying from this
timestamp.
.TP
\fB\-\-end\fR END
YYYY\-MM\-DDTHH:MM:SS Query to this timestamp. (Default:
present) Use "NOW" to start from current time.
(Default: present)
.TP
\fB\-\-stop\-error\fR
Stop the entire test right after the first error
.TP
\fB\-\-formatted\-output\fR
Output results in formatted JSON
.TP
\fB\-\-data\fR FILENAME
A JSON file containing data to run the rule against
.TP
\fB\-\-alert\fR
Use actual alerts instead of debug output
.TP
\fB\-\-save\-json\fR FILENAME
A file to which documents from the last day or \fB\-\-days\fR
will be saved
.TP
\fB\-\-use\-downloaded\fR
Use the downloaded
.TP
\fB\-\-max\-query\-size\fR MAX_QUERY_SIZE
Maximum size of any query
.TP
\fB\-\-count\-only\fR
Only display the number of documents matching the
filter
.TP
\fB\-\-config\fR CONFIG
Global config file.