Hello all,
We have created lots of alerts in our cluster and we are unbale to manage those alerts.
Requirement: We need to 2 or more than 2 watcher in one watch.
Like: for index Metrickbeat-* we have 3 alerts for if:
RAM is more than 60% ,
CPU is more than 80 %,
Disk usage more than 90% these 3 alerts are on same index,
Can any one help me to combine these 3 alerts in one watch.
If you need an alert for that as an OR, I suggest you write it as an Elasticsearch query | Kibana Guide [8.1] | Elastic type rule. This way you can do a boolean query that can combine all 3 of those.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.