Alerts and actions filters

sfenman · August 27, 2020, 9:14pm

Hello,

I am using Elastic stack version 7.9. I am trying to use alerts and actions instead of watcher for my various alerts. Is it possible to filter out some documents? The only options I got is to create an alert for "all documents" or for "top documents".

Also, in the same context, I am trying to use alerts for my APM instances for transaction duration. I got two applications using the same APM index. Does alerting distinguish the duration fields between my two different applications?

markov00 · August 31, 2020, 5:25pm

Have you tried to use a different alert templates, like the log threshold?
This seems to provide more options to filter your documents as you prefer

sfenman · September 1, 2020, 7:32am

Thanks for the suggestion. It would be nice if I could use more comparison operators like

WITH duration MORE THAN 300

It solved some of my cases though, thanks again.

Topic		Replies	Views
Alerting elastic cloud kibana: Filter tresholds in alerts Kibana elastic-stack-alerting	4	316	April 2, 2021
Fire alert for each document with specific value in field Kibana elastic-stack-alerting	6	3417	June 22, 2021
Creating alerts with aggregation and query filter Kibana elastic-stack-alerting	3	1007	January 4, 2023
Alert for every document based on the field value Kibana elastic-stack-alerting	6	1814	February 3, 2023
Uptime alert filtering Synthetics elastic-stack-alerting	6	532	January 19, 2021

Alerts and actions filters

Related topics