Version: 7.x-52.5.0
This is an older version of Search Guard. Switch to Latest version
This is an older version of Search Guard. Switch to Latest version
Community
Creating triggers for Elasticsearch watches
What is a trigger
Every watch has to define a trigger. A trigger specifies when a watch gets executed (“triggered”). Currently the following trigger types are supported:
- Date and time
- for example, every Wednesday at 2pm
- Interval
- for example, every 10 minutes
- cron
- gives you the full power of cron expressions
Example:
{
"trigger": {
"schedule": {
"weekly": {
"on": "thursday",
"at": "14:40:45"
}
}
},
"checks": [ ... ],
"actions": [ ... ]
}
Trigger execution
Each trigger gets registered with the Trigger Execution Engine. The execution engine makes sure that
- Each trigger is executed on exactly one node at a time
- You can specify node filters to define on which nodes Signals Alerting should run
- Triggers created in different tenants will not interfere whith each other
- This applies only when you are using Multi Tenancy.
Time zones
Signals supports different time zones. If no time zone is specified, the default JVM time zone is used.