elasticsearch


bosun config to read a single field (string)


I am unable to read comma separated string field by bosun elastic search operation, however it works fine for numeric field. I want to read a field has comma separated strings, then I want to put it in template subject and notify to slack channel.
Below how I read numeric value but same not working string, I want to read a field called "tags" that has comma separated values of string like "test,poc,custa,maria"
$q = esstat(esls("metrics-xxx"), "host", esquery("metric", "disk"), "used_percent", "avg", "1m", "7m", "")
$val = avg($q)
Anyone worked on that?
I'm not sure I'm entirely clear on question. Few things to keep in mind:
Elastic monitoring in Bosun is really intended for alerting on Logs, not metrics stored in elastic. You might be able to do it, but not a scenario that has been explored by any of the Bosun authors.
Return types in Bosun's expression language or typed, the only type currently returned by elastic queries is a seriesSet (see http://bosun.org/expressions#elastic-query-functions)
Are you sure you have a CSV string value, often in elastic you would map that to an array and have the analyzer split on commas.
That being said if all you want to do is display it in the template, you can use either .ESQuery or .ESQueryAll to get the raw rows, and you display the .Tag field of some sample rows from your query (or maybe just the first row). See usage of these template functions in the docs.

Related Links

Elasticsearch startup: not available immediately
Elasticsearch Partial Fields With Inner Hits
ElasticSearch issue when adding new path.data
To copy an index from one machine to another in elasticsearch
Elasticsearch 2.0: how to delete by query in Java
Erroneour match using snowball analyzer
ElasticSearch 2.0 upgrade now can't connect to server
Elasticsearch layered ordering
Elasticsearch significant terms on nested objects
System Configuration for 3 node elasticsearch cluster
Nest - how to write a span near query with multiple clauses?
low disk watermark [??%] exceeded on
Why are shards getting initialized and relocated during bulk insert
Terms Aggregation for nested field in Elastic Search
Why does kibana 3.x not work with elastic search 2.x?
Retrieving top terms query in Elasticsearch

Categories

HOME
xpath
nam
user-interface
freeradius
seedstack
couchdb
odata
bittorrent
sentry
ex
amazon-elb
scala-ide
libgit2
fido-u2f
quantitative-finance
tortoisemerge
tilemill
intune
john-the-ripper
appcode
runtimeexception
nanogallery
microsoft-ui-automation
gitolite
word-cloud
fiware-wirecloud
git-tfs
type-inference
jshint
cordova-ios
embedded-v8
webvtt
oracle-fusion-apps
yargs
scheduledexecutorservice
google-identity-toolkit
okio
wif4.5
wikimedia-commons
textpattern
stack-smash
ora-04091
blank-line
componentart
erlog
deque
rfc5545
python-c-extension
phonegap-facebook-plugin
dmake
jquery-mobile-flipswitch
communicate
screwturn
wso2bam
revmob
form-for
dynamic-rdlc-generation
idispatch
glassfish-esb
vows
fragment-identifier
digiflow
oracle-pro-c
rtti
gtktextview
service-factory

Resources

Encrypt Message