Hi, I configured ElastAlert for alerting via mail if disk used is > 50%.
My config is:
name: Disk alert
type: metric_aggregation
es_host: elasticsearch_ip
es_port: 9200
index: metricbeat-*
#timeframe:
hours: 1
#buffer_time:
hours: 1
metric_agg_key: system.fsstat.total_size.used
metric_agg_type: avg
query_key: beat.hostname
doc_type: metricsets
max_threshold: 0.5
bucket_interval:
  seconds: 60
sync_bucket_interval: true
My issue is:
Ran Disk alert from 2019-09-13 11:05 WEST to 2019-09-13 11:09 WEST: 0 query hits (0 already seen), 0 matches, 0 alerts sent
I can't get any email. Please, can someone help me?