Hello,
I would like to know if it is possible to create alerts with the Elasticsearch API. Let me explain:
I have a script below that sends me the traffic of a client during the last 5 minutes:
GET /app-sms-smpp-serversmpp-prd-7.4.2-2020.11.10/_search
{
  "query": {
    "bool": {
      "must": [
        {
          "term": {
            "smpp.serversmpp.data.client": {
              "value": "KDEV"
            }
          }
        },
        {
          "range": {
            "@timestamp": {
              "from": "now-5m/m",
              "to": "now/s"
            }
          }
        }
      ]
    }
  }
}
I would like to know if it was possible to create an alert (email for example) that would be triggered when the number of hits for this client during the last 5 minutes is zero for example.
Thank you very much in advance for your help.
Best regards,
Baptiste
mattkime
(Matthew Kime)
November 12, 2020, 5:04pm
2
Hello @mattkime ,
Thank you very much for your answer. I can see that Watcher is available only from the gold license.
We're using a free license; is there still a way to do what I want to do using the API?
Thank you in advance for your help.
Baptiste
mattkime
(Matthew Kime)
November 13, 2020, 2:24pm
4
Unfortunately not, but you could try a trial license to determine if the feature would be worthwhile for you.
But I can see that Kibana alerting and actions are available for basic versions:
Can it be accessed? If so, can this feature meet my needs listed above?
What about the anomaly detection jobs? Could it work? Is it available on the free version?
Thanks for your help
mattkime
(Matthew Kime)
November 14, 2020, 2:53am
6
@Baptiste_Orsoni
You're correct, Kibana alerts might be worthwhile. This explains the differences between watcher and alerts - https://www.elastic.co/guide/en/kibana/7.x/alerting-getting-started.html#alerting-concepts-differences
It looks like Anomaly detection on time series requires a platinum or enterprise license - https://www.elastic.co/pricing
Thanks,
Matt
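The zero-hits check from the first post can also be run by an external poller (for example from cron every 5 minutes) against the `_count` API. This is an added example, not part of the thread or of any Elastic feature. The cluster URL, the index wildcard, the mail addresses and the local SMTP relay are assumptions.

```python
import json
import smtplib
import urllib.request
from email.message import EmailMessage

ES_URL = "http://localhost:9200"                 # assumption: cluster address
INDEX = "app-sms-smpp-serversmpp-prd-7.4.2-*"    # assumption: wildcard over daily indices

def build_count_query(client, window="5m"):
    """Same bool query as in the thread, written with gte/lte range bounds."""
    return {"query": {"bool": {"must": [
        {"term": {"smpp.serversmpp.data.client": {"value": client}}},
        {"range": {"@timestamp": {"gte": f"now-{window}/m", "lte": "now/s"}}},
    ]}}}

def evaluate(count_response, client, window="5m"):
    """Return an alert message, or None when traffic was seen."""
    failed = count_response.get("_shards", {}).get("failed", 0)
    if failed:
        # A partial result can read as zero; report it instead of trusting it.
        return f"[{client}] count query had {failed} failed shard(s)"
    if count_response.get("count", 0) == 0:
        return f"[{client}] no hits in the last {window}"
    return None

def fetch_count(client, window="5m"):
    """POST the query to _count, which returns only the number of matches."""
    req = urllib.request.Request(
        f"{ES_URL}/{INDEX}/_count",
        data=json.dumps(build_count_query(client, window)).encode(),
        headers={"Content-Type": "application/json"}, method="POST")
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)

def send_mail(body):
    msg = EmailMessage()
    msg["Subject"] = "SMPP traffic alert"
    msg["From"] = "es-alert@example.com"         # assumption: placeholder sender
    msg["To"] = "ops@example.com"                # assumption: placeholder recipient
    msg.set_content(body)
    with smtplib.SMTP("localhost") as smtp:      # assumption: local mail relay
        smtp.send_message(msg)

# Constructed sample responses in the shape the _count API returns.
SAMPLE_EMPTY = {"count": 0, "_shards": {"total": 1, "successful": 1, "skipped": 0, "failed": 0}}
SAMPLE_BUSY = {"count": 42, "_shards": {"total": 1, "successful": 1, "skipped": 0, "failed": 0}}
SAMPLE_PARTIAL = {"count": 0, "_shards": {"total": 2, "successful": 1, "skipped": 0, "failed": 1}}

if __name__ == "__main__":
    alert = evaluate(fetch_count("KDEV"), "KDEV")
    if alert:
        send_mail(alert)
```

If security is enabled on the cluster, the request needs credentials for a user limited to read access on these indices.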