I am looking for help setting up an alert and trigger and am pretty new to OpenSearch:
Each record that comes into this index comes in with a three-character code. We have a static list of these codes that we want to ensure are having records produced with their values at regular intervals. For the alert, we would want to receive a notification when, in a specified interval, one of codes is not detected in any logs over that period of time.
As an example, if code “ABC” exists in our list and is not detected in the bucket aggregation on terms for those codes, an alert is produced.
Thank you for the help in advance!