The objective is to setup an email alert on heap_utilization where heap_utilization% is greater than 85% group by jvm_name for production enviroment.
I am working on elastic stack version 7.13.0 where I also set up APM agents in the production environment. now I am trying to create a rule or alert on JVM heap usage percentage but there is no such prebuild filed available so I have to create an additional field using a scripted field
"( doc['jvm.memory.heap.used].value / doc['jvm.memory.heap.max'].value ) * 100"
as memoryUsedPct for index pattern "apm-*", this field is visible under discover but for creating rule or email alert the field memoryUsed is not available.
please suggest how to achieve the given objective.
What rule type is this that you're creating? Is it the index threshold, or elasticsearch query rule type, or is it one of the observability rule types?
I just tried, and am unable to use a scripted field defined in a Kibana Index Pattern, in the "grouped over" field. Which means it probably doesn't work for numeric fields used in the actual threshold value being checked.
This did work at some point, so I think we should get an issue opened for this. If you'd like to open one, that's fine, post the link to the issue here and I'll make sure it has all the right labels on it. Or I can open one.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.