Elasticsearch Watcher - convert the milliseconds-since-the-epoch value back into a string

Kathir_J · October 25, 2018, 12:33pm

Hi,

I am currently trying with watcher for anomalies.
Here is my text field which gets notified in slack.

"text": "Machine Learning Results - Object cache size is going to exceed threshold limit.\n Anomalies:\n{{#ctx.payload.hits.hits}}score={{_source.anomaly_score}} at time={{_source.timestamp}}\n{{/ctx.payload.hits.hits}}"

and in slack, it is notified as below.

Machine Learning Results - Object cache size is going to exceed threshold limit.
Anomalies:
score=34.23307635237295 at time=1540379400000
score=32.13437 at time=1540379700000

_source.timestamp is producing milliseconds-since-the-epoch value. But I would like to notify this value as readable date format.

Is there way to format this ?

spinscale · October 25, 2018, 12:57pm

Hey,

you need to do a script transform first to convert the time to an Instant using Instant.ofEpochMilli() and then use java-time methods.

Also be aware, that a transform replaces the existing payload, so you have to make sure you return the full payload and enrich the date fields.

Hope this helps!

--Alex

system · November 22, 2018, 12:59pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Elasticsearch watcher to send Prediction data Elasticsearch elastic-stack-alerting	4	653	November 23, 2018
Watcher Timestamp showing in EPOCH Elasticsearch elastic-stack-alerting	4	901	October 1, 2021
Convert timestamp into date Elasticsearch elastic-stack-machine-learning	4	7805	July 24, 2019
Extract the results of a ML job Elasticsearch elastic-stack-machine-learning	6	849	July 11, 2019
Machine learning typical value not set at the moment of firing watcher Part 2 Elasticsearch elastic-stack-machine-learning , elastic-stack-alerting	7	653	October 2, 2020

Elasticsearch Watcher - convert the milliseconds-since-the-epoch value back into a string

Related Topics