Alerting Feature

Hi,

I would like to alert by mail when a specific term appears in an index.

Example for the Windows event log:

  • event.id: 4770

I don't think it's possible right now? Is there any plan to support that feature?

Thanks

It is possible using the Log threshold alert type. But to send a mail you need to switch to a Gold license first.

You are right, I first need to change the index in Observability => Logs => Settings.

I put ecs-* in the index settings, so I cannot specify a particular index for a log alert?

I have a lot of index types behind ecs-*, and I'm afraid it can affect Elasticsearch performance.

Thanks

Using index threshold you can configure the index directly in the alert.

I'm on 7.11.1, so Index threshold doesn't look like what I need (send an alert for a specific event).

But in 7.12 there is a new feature called "Elasticsearch query alert" (What's new in 7.12 | Kibana Guide [7.12] | Elastic), and it looks like this feature matches my needs.

Thanks for your help!
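As an added illustration of the Elasticsearch query rule discussed in this thread (not code from the thread or from Elastic), the block below builds the rule body for matching event.id 4770 on a specific index pattern and then evaluates the rule's logic locally against a few constructed sample documents. The parameter names under `params` and the `alertTypeId` value are assumed from the 7.12-era Kibana alerting API; the index pattern `winlogbeat-*` is also an assumption.

```python
import json
from datetime import datetime, timedelta, timezone

# Query DSL the rule runs each interval. The thread filters on event.id;
# in ECS the Windows event ID is normally stored in event.code.
ES_QUERY = {"query": {"bool": {"filter": [{"term": {"event.id": 4770}}]}}}


def build_rule(index="winlogbeat-*", window_minutes=5):
    """Rule body for the Elasticsearch query rule type (assumed API shape)."""
    return {
        "name": "Windows event 4770 seen",
        "alertTypeId": ".es-query",          # assumed rule type id
        "consumer": "alerts",
        "schedule": {"interval": "1m"},
        "params": {
            "index": [index],                # a specific pattern instead of ecs-*
            "timeField": "@timestamp",
            "esQuery": json.dumps(ES_QUERY), # query DSL is passed as a JSON string
            "size": 100,
            "threshold": [0],
            "thresholdComparator": ">",      # fire when hits > 0 in the window
            "timeWindowSize": window_minutes,
            "timeWindowUnit": "m",
        },
        "actions": [],                        # email action needs a Gold license
    }


def rule_fires(docs, now, params):
    """Local model of the rule: count docs matching the term inside the window."""
    window = timedelta(minutes=params["timeWindowSize"])
    term = json.loads(params["esQuery"])["query"]["bool"]["filter"][0]["term"]
    field, value = next(iter(term.items()))
    hits = [d for d in docs
            if d.get(field) == value
            and now - window <= d[params["timeField"]] <= now]
    return len(hits) > params["threshold"][0]


# Constructed sample events: one recent 4770, one old 4770, one other event id.
NOW = datetime(2021, 3, 1, 12, 0, tzinfo=timezone.utc)
SAMPLE_DOCS = [
    {"@timestamp": NOW - timedelta(minutes=2), "event.id": 4770},
    {"@timestamp": NOW - timedelta(hours=1), "event.id": 4770},
    {"@timestamp": NOW - timedelta(minutes=1), "event.id": 4624},
]

if __name__ == "__main__":
    print(json.dumps(build_rule(), indent=2))
    print("fires:", rule_fires(SAMPLE_DOCS, NOW, build_rule()["params"]))
```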
