Get alerting from _stats

Hello,

I want to get alerts if the size of data stored exceeds a certain threshold :
...
"total" : {
"store" : {
"size_in_bytes" : 984869969
}
}
...

I don't know how to get _stats hit in watcher and get "size_in_bytes" value. I try this but nothing happen:
{
"trigger": {
"schedule": {
"interval": "50s"
}
},
"input": {
"search": {
"request": {
"search_type": "query_then_fetch",
"indices": [
"_stats"
],
"rest_total_hits_as_int": true
}
}
},
"condition": {
"compare": {
"ctx.payload.hits.total": {
"gte": 1
}
}
},
"actions": {
"send_email": {
"email": {
"profile": "standard",
"to": [
"test@gmail.com"
],
"subject": "Tests",
"body": {
"html": "

it work

Can someone help me to get this alert?

The stats endpoint is not an index and thus cannot be searched. It is a HTTP endpoint, that can be polled using the http input

Thanks,

I'm sure it's the solution but it still don't work, maybe i can't connect to my Elastic cloud cluster:
{
"trigger": {
"schedule": {
"interval": "10s"
}
},
"input": {
"http": {
"request": {
"scheme": "https",
"host": "abcdefghijklmnopqrstuvwxyz123456.europe-west1.gcp.cloud.es.io",
"port": 9243,
"method": "get",
"path": "/_cluster/stats",
"params": {},
"headers": {},
"auth": {
"basic": {
"username": "elastic",
"password": "::es_redacted::"
}
}
}
}
},
"condition": {
"compare": {
"ctx.payload.hits.total": {
"gte": 0
}
}
},
"actions": {
"send_email": {
"email": {
"profile": "standard",
"to": [
"test@gmail.com"
],
"subject": "Tests",
"body": {
"html": "

it work

I find the problem. it was the condition that don't match. i use ctx.payload.indices.store.size_in_bytes and it work

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.