I can create Watcher alerts on aggregations but what I'm struggling with is how do I create a Watcher alert on sub-aggs where the number of sub-aggs in the one top level agg bucket is greater than, say, 5? Thanks
can you be more specific where the problem is?
providing a full blown example with an example search response, and what you want to check for would be of tremendous help.
Thanks!
--Alex
I finally figured it out. Have to use the "cardinality" aggregation to count the number of buckets in my sub-aggregation. Basically I just wanted to see how many buckets were in a sub-aggregation and didn't care about the doc count for those sub-aggregations.
1 Like
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.