Kibana Alerts - Is there a way to schedule rule execution at a specific time daily?

Tortoise · June 12, 2026, 6:34am

Hello Community,

I am working with Kibana Alerting rules and have a use case where I need an alert to execute at a fixed time every day (e.g., every day at 03:00 UTC), rather than on a recurring interval like "every 1 hour" or "every 24 hours from whenever it was first enabled."

The interval-based scheduling in Kibana rules means the execution time drifts depending on when the rule was created or last enabled which doesn't work for our requirement.

My questions:

Is there any native way in Kibana Alerting (Stack Alerts, Security Rules, or otherwise) to schedule a rule at a specific clock time (cron-style) rather than a fixed interval?
If not, is Elasticsearch Watcher currently the only supported path for time-of-day-specific scheduled execution?
Are there any workarounds within Kibana?

Any ElasticStack version 8.x , 9.x ?

Thanks in advance!!

leandrojmp · June 12, 2026, 1:05pm

Unfortunately no, they are only interval based.

If you are on 9.3+ and have an Enterprise license you can use the new Workflow features to do scheduled actions, like run an ESQL query for example.

Tortoise · June 12, 2026, 1:27pm

Thank you @leandrojmp

Topic		Replies	Views
Running Rules at Specific Time Kibana elastic-stack-alerting	1	323	March 12, 2025
Setup Kibana Watcher to run during a particular window Kibana elastic-stack-alerting	1	478	June 10, 2019
Possible to have Kibana rules check at fixed times? Kibana	0	262	December 9, 2021
Kibana alert Kibana elastic-stack-alerting	2	330	April 18, 2023
Kibana alert \| Custom interval Kibana elastic-stack-alerting	0	235	June 1, 2022

Kibana Alerts - Is there a way to schedule rule execution at a specific time daily?

Related topics