I'm looking to send search results as seen in the GUI via monitor alerts.
How do I define a monitor/query that sends all results data as per a simple Lucene search string?
The query below works in the console, and the same string also works as the Lucene search above:
GET data1/_search
{
  "query": {
    "match": {
      "message": "NOT message:\"?INFO?\""
    }
  }
}
The monitor definition below is not working:
{
  "description": "",
  "queries": [
    {
      "id": "Error-query",
      "name": "Error-query",
      "query": "message: \"NOT message:\"?INFO?\"\"",
      "tags": []
    }
  ]
}
@dtaivpp @searchymcsearchface
Can someone do a quick check on whether such a search does not send an alert, or whether there are any issues with this type of format?
When searching on the Discover tab, after you get the results, you can try clicking “Inspect” in the menu bar at the top. You can then see the actual query sent in the request, and then you can use that same query in alerts. Hope this helps you.
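
An added example (not part of the thread, and not the posters' or the project's own code) of a per query monitor body for the Alerting plugin's `POST _plugins/_alerting/monitors` API, whose action message lists the matching documents. It assumes the `data1` index from the question. The monitor, trigger and action names, the schedule, the `size`, the `query_string` wrapper around the posted Lucene string and the destination ID placeholder are assumptions; the query copied from Inspect would replace the inner `query` object.

```json
{
  "type": "monitor",
  "name": "example-non-info-messages",
  "monitor_type": "query_level_monitor",
  "enabled": true,
  "schedule": { "period": { "interval": 5, "unit": "MINUTES" } },
  "inputs": [
    {
      "search": {
        "indices": ["data1"],
        "query": {
          "size": 100,
          "query": {
            "query_string": { "query": "NOT message:\"?INFO?\"" }
          }
        }
      }
    }
  ],
  "triggers": [
    {
      "name": "example-any-hit",
      "severity": "3",
      "condition": {
        "script": { "lang": "painless", "source": "ctx.results[0].hits.total.value > 0" }
      },
      "actions": [
        {
          "name": "example-send-hits",
          "destination_id": "<DESTINATION_ID_PLACEHOLDER>",
          "subject_template": {
            "source": "{{ctx.monitor.name}}: {{ctx.results.0.hits.total.value}} matching documents"
          },
          "message_template": {
            "source": "{{#ctx.results.0.hits.hits}}{{_index}} {{_id}} {{_source.message}}\n{{/ctx.results.0.hits.hits}}"
          }
        }
      ]
    }
  ]
}
```

The message template can only list the hits the query returned, so `size` bounds how many results reach the alert.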