Creating an alert based on sum aggregation

Hi,

I want to create a monitor that alerts whenever there is a customer that bought more than 10 items in the last hour. I am using term aggregations to get the customers and use sum aggregation to get the total items they bought. What I am missing is how to trigger an alert with the customer that reached 10 or more items. Any ideas please?

Thanks

@rapaj Have you checked this documentation?

Hi @pablo Thanks for the reply. I managed to find a way to identify the customers,

    "aggregations": {
      "usernameAgg": {
        "terms": {
          "field": "userName.keyword"
        },
        "aggregations": {
          "sumAmount": {
            "sum": {
              "field": "amount"
            }
          },
          "test": {
            "bucket_script": {
              "buckets_path": {
                "amountA": "sumAmount"
              },
              "script": "int output=0; if(params.amountA >= 10) {output=1;}else {output = 2} return output;"
            }
          }
        }
      }
    }

but now I need to include them in the output message.
For the trigger I am checking the output and adding a counter for the ones that match the requirements. To trigger, I am checking the length of the array; if it is more than 0, trigger.

Do you know how to parse the bucket with the results to print the customers in the action of the alert?

Thanks
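
One way to do what the thread asks, as an added example that is not part of any post above: replace the `bucket_script` flag with a `bucket_selector` so only customers whose `sumAmount` is 10 or more remain in the result, trigger when any bucket is left, and loop over the buckets with Mustache in the action message. It assumes an OpenSearch Alerting query-level monitor and a time field named `@timestamp`; the monitor, trigger and action names, the `size` of 1000, and the `<your-index>` and `<your-destination-id>` placeholders are constructed for illustration.

```json
{
  "type": "monitor",
  "name": "customers-with-10-or-more-items (example)",
  "monitor_type": "query_level_monitor",
  "enabled": true,
  "schedule": { "period": { "interval": 1, "unit": "HOURS" } },
  "inputs": [{
    "search": {
      "indices": ["<your-index>"],
      "query": {
        "size": 0,
        "query": { "range": { "@timestamp": { "gte": "now-1h" } } },
        "aggregations": {
          "usernameAgg": {
            "terms": { "field": "userName.keyword", "size": 1000 },
            "aggregations": {
              "sumAmount": { "sum": { "field": "amount" } },
              "atLeastTen": {
                "bucket_selector": {
                  "buckets_path": { "amountA": "sumAmount" },
                  "script": "params.amountA >= 10"
                }
              }
            }
          }
        }
      }
    }
  }],
  "triggers": [{
    "name": "customer-reached-10-items (example)",
    "severity": "1",
    "condition": {
      "script": {
        "lang": "painless",
        "source": "ctx.results[0].aggregations.usernameAgg.buckets.size() > 0"
      }
    },
    "actions": [{
      "name": "list-customers (example)",
      "destination_id": "<your-destination-id>",
      "subject_template": { "source": "Customers with 10 or more items in the last hour" },
      "message_template": {
        "source": "{{#ctx.results.0.aggregations.usernameAgg.buckets}}- {{key}}: {{sumAmount.value}} items\n{{/ctx.results.0.aggregations.usernameAgg.buckets}}"
      }
    }]
  }]
}
```

`bucket_selector` only filters the buckets the terms aggregation returns, which defaults to the top 10 by document count, so the terms `size` has to be large enough to cover the customers active in the window.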