Hey, I'm kinda a newbie to Elastic search and I am trying to create watcher but having some issues. Below is the code, it would be great if someone could help me resolving the issue.
{
"trigger" : {
"schedule" : {
"daily" : {
"at" : {
"hour" : [ 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 0, 1 ],
"minute" : [0, 5, 10, 15, 20, 25, 30, 35, 40, 45, 50, 55]
}
}
}
},
"input" : {
"search" : {
"request" : {
"indices" : [
"<betdata-{now/d}>",
"<betdata-{now/d-1d}>"
]
},
"body": {
"query": {
"filtered": {
"query": {
"query_string": {
"query": "moduleid:19064 moduleid:19063 moduleid:19075 moduleid:19065 moduleid:19062 moduleid:19061 moduleid:19066",
"analyze_wildcard": true,
"lowercase_expanded_terms": false
}
},
"filter": {
"bool": {
"must": [
{
"range": {
"@timestamp": {
"gte": "now-10m"
}
}
}
]
}
}
}
}
}
}
},
"condition" : {
"compare" : { "ctx.payload.hits.total" : { "lt" : 1 }}
},
"transform" : {
"script" : "return [ watchname : ctx.watch_id, message : "Stopped Receiving Bets On Evolution Platform", "@timestamp" : ctx.execution_time ]"
},
"actions" : {
"email_alert" : {
"throttle_period" : "60m",
"email": {
"to":[
"sdsd@sdsds.com",
"sdsd@sdsds.com"
],
"subject": "[ELASTICSEARCH] {{ctx.watch_id}}: Stopped Receiving Bets On Evolution Platform",
"body": "Please check the Evolution Platform, potential issue.",
"priority": "high"
}
},
"log_error" : {
"logging" : {
"text" : "[WATCHER] {{ctx.payload.message}}",
"category" : "wintech.NoEvolutionBets",
"level" : "INFO"
}
},
"index_payload" : {
"index" : {
"index" : "watcher_alerts",
"doc_type" : "alert"
}
}
}
}