Elasticsearch Watcher Rate function query

Hi All,
I wish to create a watch in elasticsearch based on rate function of logstash emitted events as seen in monitoring overview of logstash.
How should i go about in creating a watch for the purpose as in if rate of events emitted goes below a threshold, then trigger an alarm?

A single-value metrics aggregation that sums up numeric values that are extracted from the aggregated documents. These values can be extracted either from specific numeric fields in the documents, or be generated by a provided script.

@Brigance The metrics that i am seeing in the overview dashboard seem to aggregated using some metric name. I am actually unable to formulate a script/query for the metric to create a watcher alarm.

These values can be extracted either from specific numeric fields in the documents, or be generated by a provided script.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.