Hello!
I am really a little newbie in Elasticsearch. I need help returning the latency_info.keyword field. I am setting up a wathcer for an API and I need a webhook in teams to show me that field. I have this created:
"aggs": {
"group_by_api": {
"terms": {
"field": "api_name.keyword",
"size": 100,
"order": {
"_count": "desc"
}
}
},
"group_by_app": {
"terms": {
"field": "app_name.keyword",
"size": 100,
"order": {
"_count": "desc"
}
}
},
"group_by_catalog": {
"terms": {
"field": "catalog_name.keyword",
"size": 100,
"order": {
"_count": "desc"
}
}
},
"group_by_space": {
"terms": {
"field": "space_name.keyword",
"size": 100,
"order": {
"_count": "desc"
}
}
},
"group_by_version": {
"terms": {
"field": "api_version.keyword",
"size": 100,
"order": {
"_count": "desc"
}
}
},
"group_by_platform": {
"terms": {
"field": "platform.keyword",
"size": 100,
"order": {
"_count": "desc"
}
}
},
"group_by_resource_id": {
"terms": {
"field": "resource_id.keyword",
"size": 100,
"order": {
"_count": "desc"
}
}
},
"group_by_timestamp": {
"terms": {
"field": "@timestamp",
"size": 100,
"order": {
"_count": "desc"
}
}
},
"group_by_status_code": {
"terms": {
"field": "status_code.keyword",
"size": 100,
"order": {
"_count": "desc"
}
}
},
"group_by_latency": {
"terms": {
"field": "latency_info.keyword",
"size": 100,
"order": {
"_count": "desc"
}
}
},
And then I built a webhook to show all info but the field Latency is quite difficult to show:
"webhook_1": {
"webhook": {
"scheme": "https",
"host": "santandernet.webhook.office.com",
"port": 443,
"method": "post",
"path": "webhookb2/09f76526-2b2d-49b6-92c5-26fd22d63a9e@35595a02-4d6d-44ac-99e1-f9ab4cd872db/IncomingWebhook/288e4ba865e244d29ca77fa5651ba2d1/a37457c5-e6ed-4801-8155-b430ca5e3c56",
"params": {},
"headers": {},
"body": """{
"@type": "MessageCard",
"@context": "http://schema.org/extensions",
"themeColor": "0076D7",
"summary": "SN1Test_Customer-screening_500-InternalServerError_Watchers Kibana_Desarrollo: errors with status code 500 Internal Server Error in the last 10 minute",
"sections": [{
"activityTitle": "SN1Test_Customer-screening_500-InternalServerError_Watchers Kibana_Desarrollo: {{ctx.payload.statuscode.hits.total}} errors {{ctx.payload.statuscode.aggregations.group_by_status_code.buckets.0.key}} in the last 10 minutes",
"activityImage": "https://assets.stickpng.com/images/5a27cdfd52b1cc0d022e6d5c.png",
"facts": [ {
"name": "Reported date",
"value": "**{{ctx.trigger.scheduled_time}}**"
},{
"name": "API Name",
"value": "{{ctx.payload.statuscode.aggregations.group_by_api.buckets.0.key}}"
},{
"name": "API Version",
"value": "{{ctx.payload.statuscode.aggregations.group_by_version.buckets.0.key}}"
},{
"name": "Application",
"value": "{{ctx.payload.statuscode.aggregations.group_by_app.buckets.0.key}}"
},{
"name": "Errors",
"value": "{{ctx.payload.statuscode.hits.total}}"
},{
"name": "Status code",
"value": "{{ctx.payload.statuscode.aggregations.group_by_status_code.buckets.0.key}}"
},{
"name": "Platform",
"value": "{{ctx.payload.statuscode.aggregations.group_by_platform.buckets.0.key}}"
},{
"name": "Gateway IP",
"value": "{{ctx.payload.statuscode.aggregations.group_by_gateway_ip.buckets.0.key}}"
},{
"name": "Catalog",
"value": "{{ctx.payload.statuscode.aggregations.group_by_catalog.buckets.0.key}}"
},{
"name": "Latency",
"value": "{{ctx.payload.statuscode.aggregations.group_by_latency.buckets.key}}"
},{
The problem with this field I guess is that is a nested field like so:
"latency_info": [
{
"task": "Start",
"started": 0
},
{
"task": "PlanRateLimits",
"started": 10
},
{
"task": "apim.security",
"started": 11
},
{
"task": "get-properties",
"started": 21
},
{
"task": "jwt-generate-scib",
"started": 23
},
{
"task": "proxy",
"started": 28
},
{
"task": "if",
"started": 19848
},
{
"task": "BackendError",
"started": 19850
},
{
"task": "catch",
"started": 19852
},
{
"task": "catch",
"started": 19853
},
{
"task": "catch",
"started": 19853
},
{
"task": "catch",
"started": 19854
},
{
"task": "map",
"started": 19856
}
],
I need to return all tasks.
Please a little help.