Creating a kibana rule to report the table of documents for the hits received in indices

vinitnair93 · May 19, 2022, 9:18am

I have written a kibana rule (Elasticsearch query) that would check every 1 day for an index with size 1

Elasticsearch query -

{
"query":{
"match_all" : {}
},
"fields": [
"@timestamp",
"column_2"
],
"_source": false,
"sort": [
{
"@timestamp": "desc"
}
]
}

When I test the query, It returns me the the correct list of documents.

but for some reason I am unable to receive an Incident on my Jira instance (configured an action that would check if the number of matches is above or equals 1 for the last 24 hours and if yes, then report it as an Incident in Jira (Ihave configured the Jira conector))

For some reason I am unable to get the incidents in Jira

system · June 16, 2022, 9:18am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Create Alert from index data Kibana elastic-stack-alerting	5	1565	August 16, 2022
Kibana alert Kibana elastic-stack-alerting	1	293	August 9, 2022
Filter based on queries saved in an index Elasticsearch	1	379	February 19, 2018
Create a Kibana Rule Kibana painless , kql-kibana-query-language , detection-rules , kibana-plugin-development , eql-elastic-query-language	3	285	December 28, 2023
Time Based Index Query Performance Kibana	2	494	July 27, 2020

Creating a kibana rule to report the table of documents for the hits received in indices

Related topics