Elasticsearch Watcher Capabilities

umityayla · April 3, 2023, 7:12am

Hello,

We plan to implement such a watcher that will regex a field in the documents that are found and pass it to the clients. What I mean is;

Let's assume there are 2 documents like below;

{
  "_type": "_doc",
  "_id": "VbnxRYcBbONNOA7tHnlq",
  "_version": 1,
  "_score": 1,
  "_ignored": [
    "Message.keyword"
  ],
  "_source": {
    "Message": "Result is: true, data is: qqq",
    "LogType": "Info",
    "LogDate": "2023-04-03T07:07:22.5906183Z"
  },
  "fields": {
    "Message": [
      "Result is: true, data is: qqq"
    ],
    "LogType": [
      "Info"
    ],
    "LogDate": [
      "2023-04-03T07:07:22.590Z"
    ]
  }
}

{
  "_type": "_doc",
  "_id": "VbnxRYcBbONNOA7tHnlq",
  "_version": 1,
  "_score": 1,
  "_ignored": [
    "Message.keyword"
  ],
  "_source": {
    "Message": "Result is: true, data is: qqq",
    "LogType": "Info",
    "LogDate": "2023-04-03T07:07:22.5906183Z"
  },
  "fields": {
    "Message": [
      "Result is: false, data is: qqq"
    ],
    "LogType": [
      "Info"
    ],
    "LogDate": [
      "2023-04-03T07:07:22.590Z"
    ]
  }
}

We want to use the result/data fields in the document. We'll go for separate fields as a last resort.

system · May 1, 2023, 7:12am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Ability to search ES based on a result of previous search in a watcher Elasticsearch elastic-stack-alerting	7	2490	April 27, 2020
Watcher matching isn't working - any help? Elasticsearch elastic-stack-alerting	3	1037	July 6, 2017
Adding/editing fields through watcher Elasticsearch elastic-stack-alerting	7	3252	April 4, 2017
Info from document in watcher alert Elasticsearch elastic-stack-alerting	3	966	July 6, 2017
Watcher creation help Elasticsearch elastic-stack-alerting	1	181	October 25, 2022

Elasticsearch Watcher Capabilities

Related Topics