I am trying to use the Elasticsearch Query DSL to create an alert.
The query consists of LIMIT 100 but the actual output is actually less than 10.
When I ran the test query: Query matched 852597 documents in the last 5m.
What am I doing wrong or missing out?
### Settings below are default
Set the group, threshold, and time window
when count()
over all documents
Is above 10
for the last 5 minutes
Set the number of documents to send
Size 10