-
You can enable debug logging so you can see the actual query being sent to Elastic. But from what I see in your post, it looks like you are searching a different time range from the document timestamps being inserted.
-
Hi
I now have my opensearch and elastalert2 dockers deployed. What I am trying to do is just run my first simple alert as a test for my POC, but the Elastalert2 rule still has no matches; see the following.
I added some records to the mariadblog-index, like the following
My Target
Send an email if the document contains id 2501 OR 5503
My Rule and Alert
I can retrieve the records from my index