Rule type to be used to get particular keyword from message field in Kibana logs #1523
Hi Team, I have one urgent request to implement elastalert2 to fetch a particular keyword from the message field in Kibana logs. Below is the message from the Kibana log:

```
REPORT INFO: Found 24 transaction to reconsile with status R
```

I want to extract the count (24) from the above message and check if the count has exceeded 100 and raise an alert. Can this be done using elastalert2? Please help me. Any help is appreciated.
Answered by
jertel
Aug 30, 2024
Replies: 1 comment
Look into scripted fields with Elasticsearch.
Answer selected by
jertel
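Scripted (runtime) fields are one route: Elasticsearch parses the number out of `message` at query time and the ElastAlert2 rule then filters on the resulting numeric field with a `range` query. Where changing the index mapping is not an option, the same check can live in a custom ElastAlert2 rule type. The block below is an added example, not code from the ElastAlert2 project or from this discussion; the module path `elastalert_modules.reconcile_rule`, the option names `count_threshold`, `count_field` and `count_pattern`, and the sample documents are all constructed for the example. When the `elastalert` package is not installed, a minimal stand-in base class is used so the example runs on its own.

```python
"""
Custom ElastAlert2 rule type (added example, hypothetical module
elastalert_modules.reconcile_rule): extract the transaction count from the
`message` field and match when it exceeds a configured threshold.
"""
import re

try:
    # Real base class when loaded by ElastAlert2.
    from elastalert.ruletypes import RuleType
except ImportError:
    class RuleType:
        """Stand-in mirroring the parts of elastalert.ruletypes.RuleType used here
        (only used so the example runs outside an ElastAlert2 install)."""
        required_options = frozenset()

        def __init__(self, rules, args=None):
            self.rules = rules
            self.matches = []

        def add_match(self, event):
            self.matches.append(dict(event))


class ReconcileCountRule(RuleType):
    # Default pattern matches the log line quoted in the question (constructed regex).
    DEFAULT_PATTERN = r"Found\s+(?P<count>\d+)\s+transaction"

    # ElastAlert2 refuses to load the rule if this option is missing from the YAML.
    required_options = frozenset(["count_threshold"])

    def __init__(self, rules, args=None):
        super().__init__(rules, args)
        self.threshold = int(rules["count_threshold"])
        self.field = rules.get("count_field", "message")
        self.pattern = re.compile(rules.get("count_pattern", self.DEFAULT_PATTERN))

    def extract_count(self, message):
        """Return the integer count found in one message, or None if it carries none."""
        if not isinstance(message, str):
            return None
        m = self.pattern.search(message)
        return int(m.group("count")) if m else None

    def add_data(self, data):
        """ElastAlert2 calls this with the list of documents returned for each query window."""
        for event in data:
            count = self.extract_count(event.get(self.field))
            if count is None:
                continue  # documents without a count never alert
            if count > self.threshold:  # "exceeded 100" means strictly greater
                match = dict(event)
                match["reconcile_count"] = count
                self.add_match(match)

    def get_match_str(self, match):
        """Text ElastAlert2 puts in the alert body."""
        return "Reconcile count %d exceeded threshold %d" % (
            match["reconcile_count"], self.threshold)


def run_on_sample():
    """Run the rule over constructed documents and return the counts that matched."""
    rule = ReconcileCountRule({"name": "reconcile-count", "count_threshold": 100})
    sample_docs = [  # constructed sample documents
        {"@timestamp": "2024-08-30T10:00:00Z",
         "message": "REPORT INFO: Found 24 transaction to reconsile with status R"},
        {"@timestamp": "2024-08-30T10:05:00Z",
         "message": "REPORT INFO: Found 150 transaction to reconsile with status R"},
        {"@timestamp": "2024-08-30T10:06:00Z",
         "message": "REPORT INFO: reconciliation finished"},
        {"@timestamp": "2024-08-30T10:07:00Z",
         "message": "REPORT INFO: Found 100 transaction to reconsile with status R"},
    ]
    rule.add_data(sample_docs)
    return [m["reconcile_count"] for m in rule.matches]


if __name__ == "__main__":
    print(run_on_sample())  # [150]
```

To use it, place the module on ElastAlert2's path and set `type: elastalert_modules.reconcile_rule.ReconcileCountRule` together with `count_threshold: 100` and the usual `index`, `filter` and `alert` options in the rule file (the module path is the example's own assumption). Keep the `filter` narrow (for instance a `query_string` on the `Found` report line) so the rule only fetches the documents it has to parse.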