Hi, we are creating alerts under the APM Errors Interface, but we want to just filter the errors with http code 500 or more. The interface doesn´t have that option. Do you know any workaround to do this?
Thanks for your help.
Hi, we are creating alerts under the APM Errors Interface, but we want to just filter the errors with http code 500 or more. The interface doesn´t have that option. Do you know any workaround to do this?
Thanks for your help.
Hi @Renzo_Joseph_Arenaza Welcome the community!
Yeah seem like the filter should be available there...
The Workaround today would be to use a DSL Query see here
Your query will be something like
GET apm-*/_search
{
"query": {
"bool": {
"filter": [
{
"range": {
"http.response.status_code": {
"gte": 500
}
}
}
]
}
}
}
Hi Stephen, thank you for your reply. It nice to see that there is an option.
I have one final question. I would like to add this filter just for one service. I know that the field is service.name. I've tried adding this value in the tags label but It hasn't worked. Do you know how to add this?
Regards.
Renzo
tags are just tags that are available for the alert output they do not filter.
Some alerts have a KQL filter (Kibana Query Language) others you build up with Conditions.
This is the Query DSL : You should probably look at this to understand Query DSL a bit
so then to select a particular service you query would like
{
"query": {
"bool": {
"filter": [
{
"range": {
"http.response.status_code": {
"gte": 500
}
}
},
{
"term": {
"service.name": "my-service-name"
}
}
]
}
}
}
Thank you very much @stephenb. We did what you suggested and it worked like a charm =D
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.