I want to create an advanced watcher that monitors a value and if that value makes a jump greater than x then I want to be informed. My guess was to do this with a serial_diff of the average aggregation of that value and compare that to a threshold but I can't get it working. Is it even possible? And if so, how?
Moved to Elasticsearch topic as this is really an ES question.
So I solved it like this. Maybe it's helpful for others. Nevertheless, other, maybe better, solutions are much appreciated.
{
  "metadata": {
    "..."
  },
  "trigger": {
    "..."
  },
  "input": {
    "search": {
      "request": {
        "search_type": "query_then_fetch",
        "indices": ["...*"],
        "types": ["doc"],
        "body": {
          "size": 0,
          "aggs": {
            "1": {
              "max_bucket": {
                "buckets_path": "1-bucket>1-metric"
              }
            },
            "1-bucket": {
              "date_histogram": {
                "field": "robotime",
                "interval": "1h",
                "time_zone": "Europe/Berlin",
                "min_doc_count": 0
              },
              "aggs": {
                "avg_offset": {
                  "avg": {
                    "field": "property.gapMeasurementResultInMm.leftOffset"
                  }
                },
                "1-metric": {
                  "serial_diff": {
                    "buckets_path": "avg_offset"
                  }
                }
              }
            }
          },
          "query": {
            "..."
          }
        }
      }
    }
  },
  "condition": {
    "script": {
      "source": "if (ctx.payload.aggregations.1.value > params.threshold) { return true; } return false;",
      "lang": "painless",
      "params": {
        "threshold": 0.5
      }
    }
  },
  "actions": {
    "..."
  }
}
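An added example (not part of the original post and not Elastic code): a small Python model of what the watch above computes, run on constructed readings, to show which jumps the condition catches. It assumes serial_diff's default lag of 1 and that no diff is produced when either bucket is empty; the `absolute` option is a hypothetical variant that is not in the posted watch.

```python
from collections import defaultdict
from datetime import datetime, timedelta

THRESHOLD = 0.5  # same value as params.threshold in the watch

# Constructed sample readings: (timestamp, leftOffset in mm)
SAMPLE = [
    ("2019-03-01T08:05", 1.00), ("2019-03-01T08:40", 1.10),
    ("2019-03-01T09:10", 1.05),
    ("2019-03-01T10:20", 1.90),  # jump up between hourly averages
    ("2019-03-01T11:15", 1.85),
    ("2019-03-01T12:30", 0.90),  # jump down of similar size
    ("2019-03-01T14:10", 2.00),  # the 13:00 bucket is empty
]

def hourly_avg(readings):
    """Model of date_histogram (1h) + avg; empty hours are kept as None."""
    buckets = defaultdict(list)
    for ts, value in readings:
        buckets[datetime.fromisoformat(ts).replace(minute=0)].append(value)
    hour, last, out = min(buckets), max(buckets), []
    while hour <= last:
        vals = buckets.get(hour)
        out.append(sum(vals) / len(vals) if vals else None)
        hour += timedelta(hours=1)
    return out

def serial_diff(values, lag=1):
    """Difference to the bucket `lag` steps back; None if either side is missing (assumed)."""
    out = []
    for i, v in enumerate(values):
        prev = values[i - lag] if i >= lag else None
        out.append(None if v is None or prev is None else v - prev)
    return out

def max_bucket(diffs):
    """Largest signed diff, like the max_bucket sibling aggregation."""
    present = [d for d in diffs if d is not None]
    return max(present) if present else None

def watch_fires(readings, threshold=THRESHOLD, absolute=False):
    """Model of the watch condition; absolute=True is a hypothetical variant."""
    diffs = serial_diff(hourly_avg(readings))
    if absolute:
        diffs = [None if d is None else abs(d) for d in diffs]
    peak = max_bucket(diffs)
    return peak is not None and peak > threshold

if __name__ == "__main__":
    print(serial_diff(hourly_avg(SAMPLE)), watch_fires(SAMPLE))
```

Because max_bucket returns the largest signed diff, a drop of the same size never exceeds the threshold in this model, and a jump that spans an empty hour produces no diff at all.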