Search for a variable string in Kibana

I am new to Kibana. I have a log message coming in and I want to extract a field and fire an alert:

{"msg":"Certificate is going to expire in 1088 Regenerate the same","date":1088}

I want to extract the date info to fire an alert if the date is less than 60. Is there any way this can be handled using some query in Kibana?

I am thinking that you would need to use a Painless script as a watcher condition (https://www.elastic.co/guide/en/elastic-stack-overview/6.5/condition-script.html) to test your condition and trigger an alert, or even better, to use a Painless script to transform watch data into a new payload for use in a response to a condition.

Cheers
Rashmi
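
A watch body along the lines of the reply above, as an added example that is not part of the original thread. It is written for the Watcher put-watch API and assumes the log line is indexed as-is, so that `date` is a numeric field. The index pattern `cert-logs-*`, the `@timestamp` field, the one-hour schedule and the logging action are assumptions to adapt.

```json
{
  "metadata": {
    "note": "Added example. Index pattern, @timestamp field, schedule and action are assumptions.",
    "threshold": 60
  },
  "trigger": {
    "schedule": { "interval": "1h" }
  },
  "input": {
    "search": {
      "request": {
        "indices": ["cert-logs-*"],
        "body": {
          "size": 10,
          "sort": [{ "date": "asc" }],
          "query": {
            "bool": {
              "filter": [
                { "exists": { "field": "date" } },
                { "range": { "@timestamp": { "gte": "now-1h" } } }
              ]
            }
          }
        }
      }
    }
  },
  "condition": {
    "script": {
      "lang": "painless",
      "source": "return ctx.payload.hits.hits.stream().anyMatch(h -> h._source.date < params.threshold)",
      "params": { "threshold": 60 }
    }
  },
  "actions": {
    "log_expiry": {
      "logging": {
        "text": "Certificate expiry below threshold: {{ctx.payload.hits.hits.0._source.msg}}"
      }
    }
  }
}
```

Because the search sorts by `date` ascending, the first hit referenced in the action text is the certificate closest to expiry. Moving the comparison into the query as a `range` filter on `date` would let the condition be a simple hit-count check instead of a script.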
