Hi,
We are using elastic cloud Watcher for custom alerting, what I wanted to achieve is to search a field "docker.image" for all the docker containers and check if it is changed since one minute, if it has changed take a action and send a slack notification with new docker.image field value. I have gone through Watcher documentation and getting started guides but I could not find a necessary information about setting a condition on each field that is returned as part of search. Can someone guide me if its possible with Watcher?