Hi all,
I’m using Elasticsearch (with Kibana) to log IBM ACE message flow exceptions, and I’ve already built pipelines to successfully index logs. Now, I need to configure a Watcher to send email alerts based on specific logic.
Objective
Send email alerts for exceptions, with the following logic:
- Scenario 1 – Single Exception Once
  - Interface: KN550
  - Exception: Internal Server Error (only occurred once)
  - Send one mail
- Scenario 2 – Repeated Exception within 30 Minutes
  - Interface: KN540
  - Exception: Bad Request (occurred multiple times in 30 mins)
  - Send only one mail in a 30-minute window
  - If the error persists beyond 30 mins, send again
- Scenario 3 – Same Exception, Different Flows
  - Interface: KN559
  - Different message flows: MF1, MF2, MF3
  - Each with a unique or same exception
  - Send one mail per message flow per exception, even if the error text is the same
Note: My Exception field contains a long stack trace.
My Question
Is it possible to achieve this scenario using Kibana Watchers?
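The three scenarios above reduce to one rule: at most one mail per (interface, message flow, exception) key per 30-minute window, with the window measured from the last mail sent. The sketch below is an added example, not part of the original post and not Watcher configuration; the event field names, the `MF_A`/`MF_B` flow names, and the choice to key on the first line of the stack trace are assumptions.

```python
import hashlib
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=30)

def fingerprint(exception_text):
    """Short stable key for a long stack trace: hash of its first non-empty line."""
    first = next((ln.strip() for ln in exception_text.splitlines() if ln.strip()), "")
    return hashlib.sha256(first.encode("utf-8")).hexdigest()[:16]

def select_alerts(events, window=WINDOW):
    """Return the events that should each produce one mail."""
    last_sent = {}  # (interface, flow, fingerprint) -> time of last mail
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        key = (ev["interface"], ev["flow"], fingerprint(ev["exception"]))
        prev = last_sent.get(key)
        # First sighting, or the error is still occurring after the window expired.
        if prev is None or ev["ts"] - prev >= window:
            last_sent[key] = ev["ts"]
            alerts.append(ev)
    return alerts

def _ev(hhmm, interface, flow, exception):
    ts = datetime.strptime("2024-01-01 " + hhmm, "%Y-%m-%d %H:%M")
    return {"ts": ts, "interface": interface, "flow": flow, "exception": exception}

# Constructed sample events (flow names for KN550/KN540 and all stack frames are made up).
SAMPLE = [
    _ev("10:00", "KN550", "MF_A", "Internal Server Error\n  at Node.a(Flow.java:10)"),
    _ev("10:00", "KN540", "MF_B", "Bad Request\n  at Node.b(Flow.java:20)"),
    _ev("10:05", "KN540", "MF_B", "Bad Request\n  at Node.c(Flow.java:31)"),
    _ev("10:20", "KN540", "MF_B", "Bad Request\n  at Node.b(Flow.java:20)"),
    _ev("10:31", "KN540", "MF_B", "Bad Request\n  at Node.b(Flow.java:20)"),
    _ev("10:02", "KN559", "MF1", "Timeout\n  at Node.d(Flow.java:5)"),
    _ev("10:02", "KN559", "MF2", "Timeout\n  at Node.d(Flow.java:5)"),
    _ev("10:02", "KN559", "MF3", "Timeout\n  at Node.d(Flow.java:5)"),
]

if __name__ == "__main__":
    for a in select_alerts(SAMPLE):
        print(a["ts"].strftime("%H:%M"), a["interface"], a["flow"], a["exception"].splitlines()[0])
```

Keying on a short fingerprint rather than the full Exception text keeps two traces of the same error, differing only in later frames, from being treated as separate alerts.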