Search results send to slack via monitors alerts

im looking to send search results as seen on gui via monitors alerts

how do i define monitor/query that sends all results data as per simple lucene search string

below works in console and also the above lucene search same string
GET data1/_search
“query”: {
“match”: {
“message”: “NOT message:"?INFO?"”

below monitor definition is not working

“description”: “”,
“queries”: [
“id”: “Error-query”,
“name”: “Error-query”,
“query”: “message: "NOT message:"?INFO?""”,

@dtaivpp @searchymcsearchface
can someone do a quick check if such search not send alert or any issues with this type of format

when searching on discover tab after you get the results, you can try to click the “inspect” from the menu bar at the top. you can then see the actual query sent in request and then you can use that same query in alerts. hope this helps you