Hello,
I am using Elastic stack version 7.9. I am trying to use alerts and actions instead of watcher for my various alerts. Is it possible to filter out some documents? The only options I got is to create an alert for "all documents" or for "top documents".
Also, in the same context, I am trying to use alerts for my APM instances for transaction duration. I got two applications using the same APM index. Does alerting distinguish the duration fields between my two different applications?
Have you tried to use a different alert templates, like the log threshold?
This seems to provide more options to filter your documents as you prefer
Thanks for the suggestion. It would be nice if I could use more comparison operators like
WITH duration MORE THAN 300
It solved some of my cases though, thanks again.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.
