Kibana alerting mechanism

Jathurshan_Sumandira · July 12, 2022, 12:05pm

Hi Team,

I am using Kibana alert rules and I used Elasticsearch query type. This query is scheduled to run every 1 minute. I have 20 alert rules with Elasticsearch query types.

I need to know that, is it possible to concatenate these rules into one rule?
If not, the performance hit on Elastic DB. Since I am using one particular index for all these queries.

My queries are similar to those below:

1st query: time duration between start-time and end-time is more than 30 seconds
2nd query: time duration between the request time and the response time is more than 60 seconds

hendry.lim · July 15, 2022, 12:27am

Depending on how complex the query is, you will need to combine the query DSL yourself, i.e. try to use a combination of Elasticsearch bool query.

system · August 12, 2022, 12:27am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.