I have written a Kibana rule (Elasticsearch query) that would check every 1 day for an index with size 1.
Elasticsearch query:
{
  "query": {
    "match_all": {}
  },
  "fields": [
    "@timestamp",
    "column_2"
  ],
  "_source": false,
  "sort": [
    {
      "@timestamp": "desc"
    }
  ]
}
When I test the query, it returns me the correct list of documents.
But for some reason I am unable to receive an incident on my Jira instance (I configured an action that would check if the number of matches is above or equal to 1 for the last 24 hours and, if yes, report it as an incident in Jira; I have configured the Jira connector).
For some reason I am unable to get the incidents in Jira.