Watcher creation help

ffmdsuperit · September 27, 2022, 8:20pm

Hello! I'm very new to Elasticsearch and I am attempting to create a Watcher, but I just can't seem to put the pieces together.

I have a index named "transactions". For that index I run this query "TerminalID : 999999 and day_of_week : Fri and OurTime: 11*" and last Friday it returned 7 results when I run it at 12:00PM.

I'd like to have the Watcher look at "1 week ago" till "Today", it should run at 12:00PM, and if the matching results are less than X then trigger an email alert.

Just testing a basic search I have the below "code", but I'm not sure how to limit the search to "1 Week Ago until Today". And I'm not sure this format could translate to a Watcher.

GET /transactions/_search
{
    "query": {
      "query_string": {
        "query": "TerminalID : 999999 and day_of_week : Fri and OurTime: 11*"
      }
    },
    "fields": [
      "TerminalID",
      "day_of_week",
      "OurTime"
    ]
}

I'd really appreciate some assistance with this. Thank you.

system · October 25, 2022, 8:20pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Current Date in watcher Elasticsearch	6	102	April 18, 2024
Watcher query current index by week Kibana	7	1229	December 18, 2019
Sending emails with watcher at a specific time Elasticsearch elastic-stack-alerting	2	929	December 13, 2018
Watcher advanced Elasticsearch elastic-stack-alerting	3	390	June 25, 2019
Compare a value from current index against the previous day Elasticsearch elastic-stack-alerting	2	1950	July 6, 2017

Watcher creation help

Related Topics