richcollier
richcollier
/ gist:7c43c5847044227688aeef19498aac9e
Created
January 11, 2024 13:52
Capture index sizes daily
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| POST _watcher/watch/_execute | |
| { | |
| "watch": { | |
| "trigger": { | |
| "schedule": { | |
| "interval": "1d" | |
| } | |
| }, | |
| "input": { | |
| "http": { |
richcollier
/ watcher_alert_datemath.txt
Created
March 28, 2023 13:21
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| POST _watcher/watch/_execute | |
| { | |
| "watch": { | |
| "trigger": { | |
| "schedule": { | |
| "interval": "15m" | |
| } | |
| }, | |
| "input": { | |
| "search": { |
richcollier
/ detect_missing_data.txt
Last active
February 18, 2023 18:59
List of indices that were getting data 2 days ago, but not in the last 1 day
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| POST _watcher/watch/_execute | |
| { | |
| "watch": { | |
| "trigger": { | |
| "schedule": { | |
| "interval": "1d" | |
| } | |
| }, | |
| "metadata": { | |
| "longer_time": "2d/d", |
richcollier
/ example_webhook_watch.txt
Created
January 25, 2023 20:31
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| POST _watcher/watch/_execute | |
| { | |
| "watch": { | |
| "trigger": { | |
| "schedule": { | |
| "interval": "1m" | |
| } | |
| }, | |
| "input": { | |
| "search": { |
richcollier
/ ips_with_errors_before_but_not_lately.txt
Created
January 2, 2023 00:16
List of IPs that were getting errors 2 days ago, but not in the last 1 day
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| POST _watcher/watch/_execute | |
| { | |
| "watch": { | |
| "trigger": { | |
| "schedule": { | |
| "interval": "1m" | |
| } | |
| }, | |
| "metadata": { | |
| "longer_time": "2d/d", |
richcollier
/ alert_on_entity_in_an_interval.txt
Last active
December 21, 2022 15:03
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #alert on a specific entity during a time interval with a value of a field > X | |
| POST _watcher/watch/_execute | |
| { | |
| "watch": { | |
| "trigger": { | |
| "schedule": { | |
| "interval": "5m" | |
| } | |
| }, | |
| "input": { |
richcollier
/ compare_shard_primary_and_replica.txt
Created
August 26, 2022 21:49
compare_shard_primary_and_replica
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| POST _watcher/watch/_execute | |
| { | |
| "watch": { | |
| "trigger": { | |
| "schedule": { | |
| "interval": "1d" | |
| } | |
| }, | |
| "input": { | |
| "http": { |
richcollier
/ simple_terms_agg_threshold.txt
Created
June 19, 2022 10:25
Watch with simple terms agg and threshold
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| POST _watcher/watch/_execute | |
| { | |
| "watch": { | |
| "trigger": { | |
| "schedule": { | |
| "interval": "5m" | |
| } | |
| }, | |
| "input": { | |
| "search": { |
richcollier
/ alert_on_three_consecutive_anomalies.txt
Created
June 3, 2022 02:28
Alert only on 3 consecutive anomalies above a certain summed score
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| POST _watcher/watch/_execute | |
| { | |
| "watch": { | |
| "trigger": { | |
| "schedule": { | |
| "interval": "1440m" | |
| } | |
| }, | |
| "input": { | |
| "search": { |
richcollier
/ changed_ip_watch_example.txt
Created
May 24, 2022 18:48
Example of a watch to check if each device's IP is the same or changed
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| PUT devices/ | |
| { | |
| "mappings": { | |
| "properties": { | |
| "@timestamp": { | |
| "type": "date", | |
| "format": "yyyy-MM-dd HH:mm:ss||yyyy-MM-dd||epoch_millis" | |
| }, | |
| "devicename": { | |
| "type": "keyword" |
NewerOlder