Kibana Alerting

Roey · March 8, 2021, 4:38pm

Hey,
I'm using Kibana 7.9.1 and recently I've started to explore Monitoring and Alerting, I have few questions:
I have a monitor with an active trigger, the alert has been triggered for some reason only once.
Besides, I'm not sure where can I find the log or reason that made the trigger, I only see the trigger with no details(For example, I don't see the IP that made the trigger).

Another issue, when I'm creating a monitor using "Define using extraction query" I can only use the ctx.results[0].hits.total.value > 0 I don't know how to do the same but with buckets values.

Thank you

tsullivan · March 17, 2021, 1:45am

You'll want to go into the Management page for Alerts and look for the alert definition: Alert details | Kibana Guide [7.9] | Elastic for the "instances" of the alert.

You'll want to use Dev Tools to work out a query that has some bucket aggregations, so that the search result contains bucket values. See Bucket aggregations | Elasticsearch Guide [8.11] | Elastic

Hope this helps! If not, please feel free to add more details to the questions.

Topic		Replies	Views
Alerting related queries Kibana elastic-stack-alerting	2	253	March 23, 2023
Kibana alert Kibana elastic-stack-alerting	1	278	December 22, 2022
Does Kibana Alerting API also configure Elastic Stack Monitoring Alerts? Kibana elastic-stack-alerting	5	402	June 23, 2021
Kibana Alerting Missing Issue Kibana elastic-stack-alerting	4	840	December 10, 2020
How to setup an alert which checks for a keyword Kibana	2	750	July 16, 2020

Kibana Alerting

Related topics