Hi all.
I use elastic cloud 7.11.0 and we have filebeat and metricbeat running on a k8s cluster. I also have an alert on watcher to send and aletr when a POD in the kubernetes cluster goes down.
Now the query it's fine but I need to make it better, just sending one and only one alert to atlassian (OPSGenie). and not every minute or even every 10. Just one.
Any idea how to make the query?
Cheers
You are in luck, Alert Only Once on state change was just released as part of 7.11.
These new features allow you to do two things
just as you asked notify only once so when the alert fires you can set it to only execute the action once
you can also set the alert to send an alert once when the condition is no longer met / it's resolved
Check out 7.11.1 it has a couple fixes in it that help this functionality work better.
Hi Stephen. That's great news. Is it already available on elastic.co cloud?
Cheers
Just checked and it's available to deploy... great. Thanks again.
I will give it a try tomorrow
Cheers
Hi Stephen. I read and saw the new feature but if I use watcher I am not going to be able to use that feature. is that right?
Alfredo
You need to code it yourself in watchers. Watcher does have alert state if I recall but you would need to write all the logic for only send action on state change.
Ok ... I was guessing that.
Thanks heaps
Cheers
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.