Match multiple searchs in single watcher

Chaitra_Ranganna · May 30, 2018, 7:07pm

Hi
I have requirement where I need to match multiple patterns from the same the index and raise a alert for each pattern.

For example Index "test*" contains below data for field text

text: cluster is unavailable or misconfigured
text: cannot process template resource

Should I write separate watcher to handle the above two patterns or can I accommodate multiple search in single watcher?

richcollier · May 31, 2018, 1:03am

Hi - this is best accomplished with a chained input. A recent discussion on this topic is here.

system · June 28, 2018, 1:03am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Watcher alert for matching multiple fields in same index Kibana elastic-stack-alerting	3	926	June 29, 2021
Watcher input index wildcard Elasticsearch elastic-stack-alerting	2	951	June 12, 2017
Watcher matching isn't working - any help? Elasticsearch elastic-stack-alerting	3	1037	July 6, 2017
Elasticsearch watcher multiple indices Elasticsearch elastic-stack-alerting	3	723	July 2, 2019
Multiple alerts from a single watch script - feasible? Elasticsearch elastic-stack-alerting , painless	2	489	July 6, 2022