Hi , help me pls with alert on complex query.
I have such query :
"/platform/services/ApplicationManagementService" AND ((type:nginx_access AND NOT response:200 AND NOT response:401) OR (type:osb_mlt_server AND (aplmError:APLM0012 OR aplmError:APLM0017)))
how can i get alert if messages from query above will grow up?
as i know i need to route them to stream but there is a lot of conditions which cannot be configure in stream rules. Am I wrong ? thx