i am not getting any output and getting number match exception in output in 2nd query.
Please suggest.
i want to use match like {
"match": {
"http.response.status_code": "<500 && >599"
}
},
and want output but in output it says number format expression.
query
{
"trigger": {
"schedule": {
"interval": "2m"
}
},
"input": {
"chain": {
"inputs": [
{
"first": {
"search": {
"request": {
"search_type": "query_then_fetch",
"indices": [
"heartbeat-"
],
"types": [],
"body": {
"query": {
"bool": {
"must": [
{
"match_phrase": {
"http.url": "https://nexus-amazon-uat.xyz.intranet/"
}
},
{
"match": {
"monitor.status": "up"
}
},
{
"range": {
"@timestamp": {
"gte": "now-28d"
}
}
}
]
}
},
"_source": [
"message"
]
}
}
}
}
},
{
"second": {
"search": {
"request": {
"search_type": "query_then_fetch",
"indices": [
"heartbeat-"
],
"types": ,
"body": {
"query": {
"bool": {
"must": [
{
"match_phrase": {
"http.url": "https://nexus-amazon-uat.xyz.intranet/"
}
},
{
"match": {
"http.response.status_code": "<500 && >599"
}
},
{
"range": {
"@timestamp": {
"gte": "now-28d"
}
}
}
]
}
},
"_source": [
"message"
]
}
}
}
}
}
]
}
},
"condition": {
"script": {
"source": "ctx.vars.SLO_percentage = ctx.payload.second.hits.total * 100 / ctx.payload.first.hits.total; return ctx.vars.SLO_percentage <= 100",
"lang": "painless"
}
},
"actions": {
"email_administrator": {
"email": {
"profile": "standard",
"from": "noreply-ESaaS@xyz.com",
"to": [
"ajay@xyz.com"
],
"subject": "ELASTIC STACK ALERT: SLO nexus V3 internal availability (https://nexus-amazon-uat.xyz.intranet/) - SLO breached {{ctx.vars.SLO_percentage}} % Success )",
"body": {
"html": "--Alerts Notification Details--
This alert triggered because a total of {{ctx.payload.second.hits.total}} Nexusv3 success hits and {{ctx.payload.first.hits.total}} nexusv3 total hits were found in the application within the last 28 days!"
}
}
}
},
"metadata": {
"app": "dxdt",
"description": "Alert if status is down",
"env": "DX DT/Nexusv3_SLO UAT"
},
"throttle_period_in_millis": 900000
}