-
Elastalert throws this exception:

Oct 15 11:43:12 evesuri elastalert[304844]: WARNING:elasticsearch:POST https://x.x.x.x:9200/elastalert_status/_doc [status:400 request:0.008s]

Is there any way to solve this? Thanks for your help
Replies: 1 comment 4 replies
-
Perhaps your data's timestamp_field (by default it's |
If you're talking about showing the time in an alert text subject or body, then perhaps your TimeEnhancement should be copying the @timestamp field into a new field named "local_timestamp", so it doesn't touch the original timestamp. Then reference that new field in your formatted alert message.
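A sketch of the enhancement the reply above describes, added here as an example and not code from the thread or from the ElastAlert project: it copies the rule's timestamp field into `local_timestamp` and leaves the original value untouched. The class name and the `local_utc_offset_hours` rule key are hypothetical, and the sample match is constructed.

```python
from datetime import datetime, timedelta, timezone

try:
    from elastalert.enhancements import BaseEnhancement
except ImportError:
    # Stand-in so the example runs without ElastAlert installed.
    class BaseEnhancement:
        def __init__(self, rule):
            self.rule = rule

        def process(self, match):
            raise NotImplementedError


class LocalTimestampEnhancement(BaseEnhancement):
    """Add a display-only 'local_timestamp'; never rewrite the timestamp field."""

    def process(self, match):
        ts_field = self.rule.get("timestamp_field", "@timestamp")
        raw = match.get(ts_field)
        if raw is None:
            return  # nothing to copy; leave the match as it is
        if isinstance(raw, datetime):
            dt = raw
        else:
            # ISO 8601 string; older Pythons reject a trailing "Z" in fromisoformat()
            dt = datetime.fromisoformat(str(raw).replace("Z", "+00:00"))
        if dt.tzinfo is None:
            dt = dt.replace(tzinfo=timezone.utc)  # assumption: naive values are UTC
        # Hypothetical rule key; a fixed offset does not follow DST changes.
        offset = timedelta(hours=self.rule.get("local_utc_offset_hours", 0))
        local = dt.astimezone(timezone(offset))
        match["local_timestamp"] = local.strftime("%Y-%m-%d %H:%M:%S %z")


def demo():
    # Constructed rule and match, for illustration only.
    rule = {"timestamp_field": "@timestamp", "local_utc_offset_hours": 2}
    match = {"@timestamp": "2024-10-15T09:43:12.000Z", "src_ip": "192.0.2.10"}
    LocalTimestampEnhancement(rule).process(match)
    return match


if __name__ == "__main__":
    print(demo())
```

The class is listed under `match_enhancements` in the rule file, and the alert text then references `local_timestamp` instead of the original timestamp field.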