Hello Elastic Team,
I was super excited about the new Kibana alerting feature.
Since I am a fan of automation I created in the past my watcher alerts with ansible calling the watcher api.
This was quite easy since you can define the watcher IDs by yourself which makes it easy to create a logic to have a unique name which the automation pipeline can create. Also it is easy to update an existing alert if for example the thershold changed. Due to an ID which we created earlier I can easily update it.
The request was just:
So when I created watchers, I made IDs like
<servername>-<stage>-<alertname> which is super to automate since I can do a reqular pattern.
And there is my question for Kibana Alerting:
In Watcher I was able to set the watcher id, in Kibana alerting I can't set an ID manually. (If it is not UUID4)
This makes it quite difficult to automate for example an update for 200 Alerts. Doing that manually is very time consuming.
And compared to watcher, these are 2 different requests:
POST <kibana host>:<port>/api/alerting/rule/<id>
PUT <kibana host>:<port>/api/alerting/rule/<id>
Is there any way to also set an ID for a Kibana alert like in watcher?
I saw that I could manually create UUID4 IDs, but this will be hard to assign this to for example server names since I cant just put strings in the ID.
Greetings and happy discussing