TechQA.

Add multiple filter in ElastAlert

37 views Asked by At

We have 2 fields in the ElasticSearch

  • api_status = 400 or 200 or 500
  • api_url = /v1/myapi.com

In elastAlert how can I get the filter to fetch if all status=400 that are coming for all events with api_url within 10min are 5% of the total count?

Total count api_uri=/v1/myapi.com -> 1000 in 10 min

Total count api_status=400 -> 100 in 10 min

So 4xx is >5% of the total count

and the same trigger should happen through Elast Alert

elasticsearch elastic-stack elastalert elastalert2
Original Q&A
0

There are 0 answers

Related Questions in ELASTICSEARCH

Related Questions in ELASTIC-STACK

Related Questions in ELASTALERT

Related Questions in ELASTALERT2

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions