Alert on complex query


(Artem Davydov) #1

Hi, help me pls with an alert on a complex query.
I have this query:

"/platform/services/ApplicationManagementService" AND ((type:nginx_access AND NOT response:200 AND NOT response:401) OR (type:osb_mlt_server AND (aplmError:APLM0012 OR aplmError:APLM0017)))

How can I get an alert if the number of messages from the query above grows?
As far as I know, I need to route them to a stream, but there are a lot of conditions which cannot be configured in stream rules. Am I wrong? Thx


(Jan Doberstein) #2

Hej,

You have multiple ways to get that result.

I would create a pipeline rule that creates an additional field if all of your conditions match.

The alert would then be on the one single added field.
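
An added example, not part of the reply above: one way to write the suggested pipeline rule for the query in post #1. It assumes the request path appears in the `message` field and that `type`, `response` and `aplmError` are message fields as in the query; the field name `ams_alert` is hypothetical.

```graylog
// Added example: mirrors the search query from post #1 as a pipeline rule.
// Assumption: the URL path is part of the "message" field.
rule "flag ApplicationManagementService errors"
when
  contains(to_string($message.message), "/platform/services/ApplicationManagementService") &&
  (
    (
      // nginx access log entries with a response other than 200 or 401
      to_string($message.type) == "nginx_access" &&
      to_string($message.response) != "200" &&
      to_string($message.response) != "401"
    ) ||
    (
      // application server entries with one of the two error codes
      to_string($message.type) == "osb_mlt_server" &&
      (
        to_string($message.aplmError) == "APLM0012" ||
        to_string($message.aplmError) == "APLM0017"
      )
    )
  )
then
  // Hypothetical marker field; the alert only needs to look at this one field.
  set_field("ams_alert", true);
end
```

A single stream rule on `ams_alert` can then route the flagged messages to a stream, and the alert can watch the message count of that stream.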

