here is the output.
Please remember i have sanitized my email and server name. also for testing i have created test index and sending you output from it.
{
"watch_id": "test",
"node": "L29Yn4oVTH2y5vUj8iXuLQ",
"state": "executed",
"user": "elastic",
"status": {
"state": {
"active": true,
"timestamp": "2020-03-12T15:30:17.799Z"
},
"last_checked": "2020-03-12T15:30:30.118Z",
"last_met_condition": "2020-03-12T15:30:30.118Z",
"actions": {
"email_administrator": {
"ack": {
"timestamp": "2020-03-12T15:30:30.118Z",
"state": "ackable"
},
"last_execution": {
"timestamp": "2020-03-12T15:30:30.118Z",
"successful": true
},
"last_successful_execution": {
"timestamp": "2020-03-12T15:30:30.118Z",
"successful": true
}
}
},
"execution_state": "executed",
"version": -1
},
"trigger_event": {
"type": "schedule",
"triggered_time": "2020-03-12T15:30:30.118Z",
"schedule": {
"scheduled_time": "2020-03-12T15:30:30.012Z"
}
},
"input": {
"search": {
"request": {
"search_type": "query_then_fetch",
"indices": [
"test*"
],
"rest_total_hits_as_int": true,
"body": {
"size": 0,
"query": {
"bool": {
"must": [
{
"match": {
"status_code": "422"
}
},
{
"match": {
"response_http_headers.hostname": ""myhost.com""
}
}
],
"filter": [
{
"range": {
"@timestamp": {
"gte": "now-30d",
"lte": "now"
}
}
}
]
}
}
}
}
}
},
"condition": {
"compare": {
"ctx.payload.hits.total": {
"gt": 0
}
}
},
"metadata": {
"color": "red",
"name": "test",
"xpack": {
"type": "json"
}
},
"result": {
"execution_time": "2020-03-12T15:30:30.118Z",
"execution_duration": 389,
"input": {
"type": "search",
"status": "success",
"payload": {
"_shards": {
"total": 1,
"failed": 0,
"successful": 1,
"skipped": 0
},
"hits": {
"hits": ,
"total": 1,
"max_score": null
},
"took": 1,
"timed_out": false
},
"search": {
"request": {
"search_type": "query_then_fetch",
"indices": [
"test*"
],
"rest_total_hits_as_int": true,
"body": {
"size": 0,
"query": {
"bool": {
"must": [
{
"match": {
"status_code": "422"
}
},
{
"match": {
"response_http_headers.hostname": ""myhost.com""
}
}
],
"filter": [
{
"range": {
"@timestamp": {
"gte": "now-30d",
"lte": "now"
}
}
}
]
}
}
}
}
}
},
"condition": {
"type": "compare",
"status": "success",
"met": true,
"compare": {
"resolved_values": {
"ctx.payload.hits.total": 1
}
}
},
"transform": {
"type": "search",
"status": "success",
"payload": {
"_shards": {
"total": 1,
"failed": 0,
"successful": 1,
"skipped": 0
},
"hits": {
"hits": [
{
"_index": "test",
"_type": "_doc",
"_source": {
"status_code": "422",
"@timestamp": "2020-03-05T19:17:33.962Z",
"request_body": "{ "id":"2" , "customer" : "mycust" , "address" : "blah blah" , "zipcode" : "10000"}",
"response_body": "{ "error":{ "id":"2" , "customer" : "mycust"}}",
"response_http_headers": [
{
"Content-Type": "application/json"
},
{
"Date": "Thu, 05 Mar 2020 19:17:35 GMT"
},
{
"Content-Length": "459"
},
{
"Via": "1.1 AgAAANE7P4c-"
},
{
"hostname": "myhost.com"
},
{
"msgid": "414d51205343535131202020202020205e56fb652147c3b6"
},
{
"Access-Control-Allow-Origin": ""
},
{
"Access-Control-Allow-Methods": "POST"
},
{
"X-RateLimit-Limit": "name=default,10000;"
},
{
"X-RateLimit-Remaining": "name=default,9996;"
}
],
"bytes_sent": "16"
},
"_id": "mSRSz3ABcKlnb-_3eSxJ",
"_score": 0.5753642
}
],
"total": 1,
"max_score": 0.5753642
},
"took": 0,
"timed_out": false
},
"search": {
"request": {
"search_type": "query_then_fetch",
"indices": [
"test"
],
"rest_total_hits_as_int": true,
"body": {
"query": {
"bool": {
"must": [
{
"match": {
"status_code": "422"
}
},
{
"match": {
"response_http_headers.hostname": ""myhost.com""
}
}
],
"filter": [
{
"range": {
"@timestamp": {
"gte": "now-30d",
"lte": "now"
}
}
}
]
}
}
}
}
}
},
"actions": [
{
"id": "email_administrator",
"type": "email",
"status": "success",
"email": {
"account": "",
"message": {
"id": "email_administrator_test_44f7546f-9efa-4c19-9a6c-c57bbf2cc078-2020-03-12T15:30:30.118529Z",
"from": "",
"priority": "high",
"sent_date": "2020-03-12T15:30:30.150986Z",
"to": [
"*********"
],
"subject": "https:// is down with HTTP Status Error 422.",
"body": {
"html": " <table style="margin-left:auto;margin-right:auto;background:#ffffff;border:5px solid #eee" border="0" cellpadding="0"><td style="padding:40px"> <table style="width:812px;height:348px">Status:422Total_Errors:1RequestBody:ResponseBody:TimeStamp:2020-03-05T19:17:33.962Z
Please do not reply to this message.
Thank you,
"
}
}
}
}
]
},
"messages":
}
Please let me know if you need more information from me.