I'm looking to create a filesystem monitor based off of metricbeat and this sample watch.
I want to perform a webhook action to create tickets in our ticketing system. However, if multiple servers/filesystems return over the threshold, I want to create separate tickets for each. So essentially loop through an action for each returned document. Is there a way to accomplish this, or a good strategy to perform this task?
Thanks,
Dave
Hey Dave,
watcher itself cannot do this currently. I think the easiest way is to send the data over to logstash using the http input of logstash and the webhook action from watcher and then do this on the logstash side, which is more flexible.
--Alex
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.