I would like to use the alerting function to detect when the following two conditions are met.
・I want to submit two queries (because each search time axis is different)
・I want to perform a second search using the results of the first search as arguments.
I am verifying this while reading the official documentation, but is it currently not possible to implement it?
I am aware of a method to achieve this by detecting with one query, passing it to another service using a trigger, and calling the second query from the other service.
I would like to know if there is a way to achieve this with only one monitor setting.
The closest thing would be to use the composite monitor function, but it would be nice to be able to set the first query result as an argument for the second query.
@t.naka I’ve checked the documentation and you’re correct.
All of the monitors execute a single query. The composite monitor can use multiple monitors to trigger alerts in a sequence. But they don’t relay on each other and don’t share the results between themselves.
Currently, the only way to achieve what I want is to use the trigger function to send a second query from Lambda or something similar.
I think there is a demand for complex monitor functions, so I would like to close this question in the hope that OpenSearch’s monitor function will be enhanced to be complete on its own.
@t.naka If you’d like to see such functionality in OpenSearch Dashboards, you can open a Feature Request in the OpenSearch GitHub.
If you do so, please share the link in this thread.