How to Compare two different fields value of two different index?

addanuj · May 24, 2018, 6:48pm

i have removed the timestamp as my index do not have it. my bad...
i tried this ---

POST _xpack/watcher/watch/_execute
{
  "watch": 
  {
        "trigger": {
    "schedule": {
      "interval": "30m"
    }
  },
  "input": {
    "search": {
      "request": {
        "search_type": "query_then_fetch",
        "indices": [
          "checkpoint*"
        ],
        "types": [],
        "body": {
          "size": 0,
          "query": {
            "match_all": {}
          }
        }
      }
    }
  },
  "condition": {
    "compare": {
      "ctx.payload.hits.total": {
        "gte": 1
      }
    }
  },
  "actions": {
    "my-logging-action": {
      "logging": {
        "level": "info",
        "text": "ip is {{ctx.payload.hits.hits.0._source.srcip}} "
      }
    }
  }

  }
}

Topic		Replies	Views
Not able to compare two loops in a chain query Elasticsearch elastic-stack-alerting	13	1350	July 20, 2018
Compare field value of two different index Elasticsearch	2	379	June 14, 2018
Compare field value of different index Elasticsearch	1	433	July 6, 2017
Compare three different fields from two different indices in a watcher Elasticsearch	2	587	February 25, 2020
Compare two same filed value from two different indexes Elasticsearch	3	456	February 18, 2020

How to Compare two different fields value of two different index?

Related topics