Optimize / combine number of watcher

mangeshmj1992 · April 19, 2022, 6:49am

Hello all,
We have created lots of alerts in our cluster and we are unbale to manage those alerts.

Requirement: We need to 2 or more than 2 watcher in one watch.
Like: for index Metrickbeat-* we have 3 alerts for if:

RAM is more than 60% ,
CPU is more than 80 %,
Disk usage more than 90% these 3 alerts are on same index,

Can any one help me to combine these 3 alerts in one watch.

Marius_Dragomir · April 20, 2022, 4:22pm

If you need an alert for that as an OR, I suggest you write it as an Elasticsearch query | Kibana Guide [8.1] | Elastic type rule. This way you can do a boolean query that can combine all 3 of those.

system · May 18, 2022, 4:23pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Create 1 alert monitor for missing logs on multiple index Kibana elastic-stack-alerting	2	293	March 2, 2023
Watcher alert for matching multiple fields in same index Kibana elastic-stack-alerting	3	932	June 29, 2021
Alerting In AWS Elasticsearch Kibana Elasticsearch elastic-stack-monitoring , elastic-stack-alerting	2	523	November 3, 2020
Watcher alert not working for multiple query with percentage calculation Kibana elastic-stack-alerting	3	877	October 13, 2020
Elasticsearch Watcher for multiple hosts Elasticsearch elastic-stack-alerting	5	2022	April 18, 2019