How to generate alert for specific host name

swapnali · June 18, 2019, 12:30pm

Hi,

I want to set a trigger when cpu usage reached more than 90% on beat.hostname is elsearchdv1

below are my watcher.json



{
  "trigger": {
    "schedule": {
      "interval": "1s"
    }
  },
  "input": {
    "search": {
      "request": {
        "search_type": "query_then_fetch",
        "indices": [
          "metricbeat-*"
        ],
        "types": [],
        "body": {
          "query": {
              
            "match": {
              "beat.hostname": "elsearchdv1"
            },
            "range": {
              "system.cpu.user.pct": {
                "gt": "0.90"
              }
            }
          }
        }
      }
    }
  },
  "condition": {
    "compare": {
      "ctx.payload.hits.total": {
        "gte": 1
      }
    }
  },
  "actions": {
    "send_email": {
      "email": {
        "profile": "standard",
        "to": [
          "xxx@yyy.com"
        ],
        "subject": "Watcher Notification",
        "body": {
          "text": "CPU Threshold for {{ctx.payload.hits.hits.0._source.host}} exceeded"
        }
      }
    }
  }
}


its not generating an alert please help me in this.

Marius_Dragomir · June 21, 2019, 9:37am

You should use the Threshold alert builder for this. It's in the UI in Kibana, next to the Advanced watch.

Topic		Replies	Views
Assistance needed in creating a watcher alert for specific hostnames if the CPU/memory goes above certain threshold Kibana elastic-stack-alerting	3	386	August 9, 2021
Simple CPU alert Kibana	7	4773	January 17, 2019
Watcher CPU alerts metricbeats Elasticsearch	1	564	April 23, 2019
Watcher Not Trigger for CPU utilization Elasticsearch elastic-stack-alerting	3	936	July 24, 2018
How to get Hostname in email subject for Diskspace alert Elasticsearch elastic-stack-alerting	4	1785	July 27, 2018

How to generate alert for specific host name

Related topics