Ping alert only in specific time period during the day

Hello,

I have implemented the following advanced watcher alert:
     >   {
>           "trigger": {
>             "schedule": {
>               "interval": "1m"
>             }
>           },
>           "input": {
>             "search": {
>               "request": {
>                 "search_type": "query_then_fetch",
>                 "indices": [
>                   "heartbeat-*"
>                 ],
>                 "rest_total_hits_as_int": true,
>                 "body": {
>                   "size": 0,
>                   "query": {
>                     "bool": {
>                       "must": [
>                         {
>                           "term": {
>                             "url.full": "https://shop.matik.ch:443"
>                           }
>                         },
>                         {
>                           "term": {
>                             "monitor.status": {
>                               "value": "down"
>                             }
>                           }
>                         }
>                       ],
>                       "filter": [
>                         {
>                           "range": {
>                             "@timestamp": {
>                               "gte": "now-1m"
>                             }
>                           }
>                         }
>                       ]
>                     }
>                   }
>                 }
>               }
>             }
>           },
>           "condition": {
>             "compare": {
>               "ctx.payload.hits.total": {
>                 "gt": 0
>               }
>             }
>           },
>           "actions": {
>             "send_email": {
>               "email": {
>                 "profile": "standard",
>                 "to": [
>                   "<alexandros.ananikidis@sag-ag.ch>,<Panayiotis.Stathis@sag-ag.ch>,<Manuel.Fischer@sag-ag.ch>,<D-GRPSAGInformatike-commerce@sag-ag.ch>,<helpdesk@sag-ag.ch>,<thi.nguyen@bbv.vn>,<franco.chiellino@umb.ch>"
>                 ],
>                 "subject": "https://shop.matik.ch is DOWN",
>                 "body": {
>                   "text": "The Watch [{{ctx.metadata.name}}] has occured ({{ctx.payload.hits.total}}) times the last 1 minute."
>                 }
>               }
>             }
>           }
>         }
BUT, i want the alert to make checks only during a specific time period.
For example i want from 1:10 to 2:10 AM every night not to make ping checks at all because my server URL is down anyway that time and i receive alerts that i dont need.

Help please?

Thank you

You'll need to add that requirement as a condition in the Watcher script, possibly using ctx['execution_time']

See: https://www.elastic.co/guide/en/elasticsearch/painless/current/painless-watcher-condition-context.html

BTW Watcher topics like this usually go in the Elasticsearch category: https://discuss.elastic.co/c/elasticsearch/6, but I hope this helps :slight_smile:

Hello Thank you for your answer.

I tried a cron expression. Nevertheless i face the following problem:

{
"trigger": {
"schedule": {
"cron": [
"0 * 0-2 * * ?",
"0 * 3-23 * * ?",
"0 15-59 23 * * ?",
"0 30-59 2-3 * * ?"
]
}
}

I dont want to make ping checks every day from (23:00 to 23:15) and from (02:00 to 02:30) UTC time.
But with the cron expression that i have above i still get them...
How should i change it in order not to receive alerts from (23:00 to 23:15) and from (02:00 to 02:30) UTC time ?

thank you :slight_smile:

I believe problem is now solved. I change my Cron expression like that:

"trigger": {
"schedule": {
"cron": [
"0 * 0-1 * * ?",
"0 * 3-22 * * ?",
"0 30-59 2 * * ?",
"0 15-59 23 * * ?"
]
}
}

Thank you :slight_smile:

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.