Alert on ElasticSearch Query

dfuentes · September 19, 2019, 7:24pm

I’ve been trying to get an alert in place that indicates when there is a new ‘host’ that appears on my Graph panel that I have results coming from a query via ElasticSearch for network outages.
The issue that I’m having is that not all hosts that experience the event result in producing an alert rather just one of the hosts. See the below screenshots for how I have the alert set up, the alerting state history, and the resulting Slack alert.

What am I missing or doing wrong that is preventing from an alert being produced for each host experiencing an event?

gretamosa · September 19, 2019, 9:26pm

Could you post your query? because templating variables are not supported in alerting.

dfuentes · September 19, 2019, 10:00pm

Thanks for your response!

I’m simply querying for the following: message: "No network request since" and then grouping by the term host-name following by Date Histogram using @timestamp

gretamosa · September 20, 2019, 11:58am

Take a look at this link in multiple series and its recommendation by using Grafana reminders.