Trigger condition based on iteration

abhilash2908 · March 9, 2021, 6:54am

So, I understand that for a single key-value based condition, we can easily create trigger conditions.
For example, in my response’s source, I have the following…

    {
      "difference_by_days" : 0
    }

In the above, I can just put a condition like…
ctx.results[0].hits.hits._source. difference_by_days > 0

If the above is true then I generate an alert and if it’s false, I don’t.

But, what about the cases where I have to loop through a dynamic sized array and along with each iteration that is made, I need to return true or false and based on a certain condition and for all those iterations where the condition was true, there should be an alert sent along with some data that was present in the variables during a particular iteration.

bbKhamar · June 30, 2021, 10:29am

I have the similar requirement, let me know if you found any solution.
Thanks.

dprada · September 30, 2021, 12:36pm

Same here. If there are three hits on the same monitor schedule time, I would like to get three alarms, not one. And with some info from the Extraction query response.

Thanks.

Topic		Replies	Views
Create Dynamic Alerting Trigger based on Doc's Value inside "_source" Alerting discuss , troubleshoot , configure	0	399	July 1, 2022
How to use custom trigger variables in the raised alert messages to know triggered condition details Alerting	4	1741	July 7, 2021
Alerting based on a percentage increase Alerting	1	564	February 7, 2023
Trigger condition fails to run as intended Alerting	1	405	February 7, 2023
Various conditions creating an alarm Alerting	1	357	January 26, 2023

Trigger condition based on iteration

Related topics