Watcher alerts null pointer error

Elastic Stack Kibana
,
1

Hey,

I'm trying to get Kibana Watcher alerts to insert documents to new index.
When simulating the script I'm getting the following error:

image
image923×681 62.8 KB

The error seems to be with the aggregations field - null pointer. But I did specify the Alert aggregation and make sure it's got documents with the condition:

"condition": {
    "array_compare": {
      "ctx.payload.aggregations.Alerts.buckets": {
        "path": "doc_count",
        "gte": {
          "value": 10,
          "quantifier": "some"
        }
      }
    }
  }

Am I missing anything?

2

can you share a sample search response?

4

If you are reffering to the dev tools search for my query it is showing null pointer exception:

{
  "took" : 36,
  "timed_out" : false,
  "_shards" : {
    "total" : 210,
    "successful" : 165,
    "skipped" : 165,
    "failed" : 45,
    "failures" : [
      {
        "shard" : 0,
        "index" : "index-2",
        "node" : "CqUsdMeQuRXQ",
        "reason" : {
          "type" : "null_pointer_exception",
          "reason" : null
        }
      },
      {
        "shard" : 0,
        "index" : "index-3",
        "node" : "CqUazb8Ap2MMuRXQ",
        "reason" : {
          "type" : "null_pointer_exception",
          "reason" : null
        }
      },
      {
        "shard" : 0,
        "index" : "index-4",
        "node" : "MFi-XsjYS9caC6nUQ",
        "reason" : {
          "type" : "null_pointer_exception",
          "reason" : null
        }
      },
      {
        "shard" : 0,
        "index" : "index-5",
        "node" : "CqUazok1QJmb8Ap2XQ",
        "reason" : {
          "type" : "null_pointer_exception",
          "reason" : null
        }
      }
    ]
  },
  "hits" : {
    "total" : {
      "value" : 0,
      "relation" : "eq"
    },
    "max_score" : 0.0,
    "hits" : [ ]
  }
}

I'm using Scripted Fields in my query - maybe that could be problematic in queries? because when I'm omitting them the query is good and I'm getting the results.

Edit:
The scripted fields which I'm using are nullable and I think that is the cause - is there any way to check for null inside the Watcher script?

5

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.