Access to aggregation results using kibana alerting

Elastic Stack Kibana
1

Hello, I'm facing a problem with Kibana alerting:

  1. I defined my query DSL and defined an aggregation
  2. I want to access the result of the aggregation returned using the query. Kibana only suggest {{context.hits}} but I'm not interested on hits, instead I'm interested on something like {{context.aggregations}} but doesn't work. Is it also possible to use the ctx like in watchers ?

below the aggregations response :

#top of response ...
  "aggregations" : {
    "job_status" : {
      "doc_count_error_upper_bound" : 0,
      "sum_other_doc_count" : 0,
      "buckets" : [
        {
          "key" : "value1",
          "doc_count" : 53017
        },
        {
          "key" : "value2",
          "doc_count" : 52977
        },
        {
          "key" : "value3",
          "doc_count" : 40
        }
      ]
    }
  }

what i'm looking for:

image

Youssef
Thank you

2

Hi Youssef,

For an ES query rule type only certain properties of the query are supported, and aggs are not: Elasticsearch query | Kibana Guide [8.5] | Elastic. We have an issue open to work on this, so you can follow along if you would like.

As an alternative to an ES query rule we would recommend using the index threshold rule type, which does a terms aggregation via the grouping over a field.

-Alexi

3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.