I want to trigger an email alert when the document.field.status = fail reaches the defined threshold level. This email alert should be sent only once. How can I do this?
take a look at time and ack based throttling, see https://www.elastic.co/guide/en/elastic-stack-overview/7.3/actions.html#actions-ack-throttle
note that each throttle is reset, once the condition becomes false again.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.