Elasticsearch alarm payload not working

I am facing issues when I try to use the Elastic alarm option. I basically want to monitor 1 specific event and once it happens I want contents of the event to be inserted into the new index .

Email works fine for me.

Currently I see a new document is added into a new index but without any payload/specific information.

"actions": {
"Elasticsearch_alarm_3cb812fc-fb09-43e9-bb9e-780f50002815": {
"name": "Elasticsearch alarm",
"throttle_period": "1s",
"elastic": {
"priority": "low",
"stateless": false,
"message": "{{#ctx.payload.hits.hits}}{ to_field_name_y : {{_source.to_field_name_y}} , from_field_name_x : {{_source.from_field_name_x}} }||{{/ctx.payload.hits.hits}}"
}
}
}

can you share the full example to ease debugging? Thanks!

{
"actions": {
"Elasticsearch_alarm_0738406f-20b4-4e06-b9fc-47b588e1a7d2": {
"name": "Elasticsearch alarm",
"throttle_period": "1s",
"elastic": {
"priority": "low",
"stateless": false,
"message": "{{#ctx.payload.hits.hits}}To {{_source.to_field_name}}, From {{_source.from_field_name}}{{/ctx.payload.hits.hits}}"
}
}
},
"input": {
"search": {
"request": {
"index": [
“test-live"
],
"body": {
"size": 0,
"aggs": {
"2": {
"terms": {
"field": "from_field_name.keyword",
"size": 5,
"order": {
"_count": "desc"
}
}
}
},
"version": true,
"_source": {
"excludes":
},
"query": {
"bool": {
"must": [
{
"match_all": {}
},
{
"query_string": {
"query": "to_field_name:(123456789) AND from_field_name:(711*)”,
"analyze_wildcard": true
}
},
{
"range": {
"ingestion_time": {
"gte": "now-1m",
"lte": "now"
}
}
}
],
"must_not":
}
},
"highlight": {
"pre_tags": [
"@kibana-highlighted-field@"
],
"post_tags": [
"@/kibana-highlighted-field@"
],
"fields": {
"": {
"highlight_query": {
"bool": {
"must": [
{
"match_all": {}
},
{
"query_string": {
"query": "to_field_name:(123456789) AND from_field_name:(711
)”,
"analyze_wildcard": true
}
},
{
"range": {
"ingestion_time": {
"gte": "now-1m",
"lte": "now"
}
}
}
],
"must_not":
}
}
}
},
"fragment_size": 2147483647
}
}
}
}
},
"condition": {
"script": {
"script": "payload.hits.total > 0"
}
},
"trigger": {
"schedule": {
"later": "every 15 seconds"
}
},
"disable": false,
"report": false,
"title": "watcher_ym_new",
"save_payload": true,

}

your script does not work as expected. it must ctx.payload.hits.total. Also please share the output of the Execute Watch API

one last tidbit: Please take the time to format your code samples properly. This forum supports markdown and using it will make your posts infinitely more readable. Thanks!