Hi,
I am using Elasticsearch v 7.1. I have several alerts set in Kibana and I need to track when the alert state changes from triggerd back to OK. I need to send the notification when things go back to normal.
Example:
I track if some error data come in an ES index, if there are some, alert triggers and send an email with corresponding error message. When the error data stops comming, alert is going back to the 'normal' state and I need to catch that and send another email.
I looked for several solutions here, but could not implement them, some of them are provided 4 years ago.
Regarding the alerts data, I have only two relevant indexes storing those data:
.opendistro-alerting-alert and .opendistro-alerting-config.
There are also .opendistro-alerting-alert-history* indices but they does not seem to be helpful.
Can anyone assist with this one?
Thanks in advance