0
0
Elasticsearchquery~20 mins

Alerting and notifications in Elasticsearch - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Challenge - 5 Problems
🎖️
Elasticsearch Alerting Master
Get all challenges correct to earn this badge!
Test your skills under time pressure!
Predict Output
intermediate
2:00remaining
What is the output of this Watcher alert condition?
Given the following Watcher condition script, what will be the result if the document count is 5?
{
  "condition": {
    "script": {
      "source": "return ctx.payload.hits.total.value > 10"
    }
  }
}
Elasticsearch
{
  "condition": {
    "script": {
      "source": "return ctx.payload.hits.total.value > 10"
    }
  }
}
Afalse
Btrue
Cnull
DScriptException
Attempts:
2 left
💡 Hint
Think about the comparison operator and the document count value.
🧠 Conceptual
intermediate
1:30remaining
Which action type sends an email notification in Elasticsearch Watcher?
In Elasticsearch Watcher, which action type is used to send an email alert?
A"email"
B"webhook"
C"index"
D"logging"
Attempts:
2 left
💡 Hint
Think about the action that directly sends messages to email addresses.
Predict Output
advanced
2:30remaining
What is the output of this Watcher transform script?
Given this transform script in a Watcher action, what will be the output if ctx.payload.hits.hits contains two documents with fields {"status": "error"} and {"status": "ok"} respectively?
{
  "transform": {
    "script": {
      "source": "return ctx.payload.hits.hits.stream().filter(hit -> hit._source.status == 'error').collect(Collectors.toList())"
    }
  }
}
Elasticsearch
{
  "transform": {
    "script": {
      "source": "return ctx.payload.hits.hits.stream().filter(hit -> hit._source.status == 'error').collect(Collectors.toList())"
    }
  }
}
A[{"_source":{"status":"error"}}]
B[{"_source":{"status":"ok"}}]
CScriptException
D[]
Attempts:
2 left
💡 Hint
Consider the scripting language used by Watcher and Java stream API availability.
🔧 Debug
advanced
3:00remaining
Why does this Watcher email action fail to send?
This Watcher email action configuration fails to send emails. What is the cause?
{
  "actions": {
    "send_email": {
      "email": {
        "to": "user@example.com",
        "subject": "Alert",
        "body": "There is an alert."
      }
    }
  }
}
AMissing SMTP server configuration in Elasticsearch settings
BThe "body" field must be an object with "text" key
CThe "to" field must be an array, not a string
DIncorrect email action name, should be "email_action"
Attempts:
2 left
💡 Hint
Check the required structure of the email body in Watcher email actions.
🚀 Application
expert
2:30remaining
How many actions will execute if this Watcher triggers?
Consider this Watcher with two actions defined:
{
  "actions": {
    "log_error": {
      "logging": {
        "level": "error",
        "text": "Error detected"
      }
    },
    "notify_admin": {
      "email": {
        "to": ["admin@example.com"],
        "subject": "Alert",
        "body": {"text": "An error occurred."}
      }
    }
  }
}

If the Watcher condition is true, how many actions will run?
ANo actions run automatically; manual trigger required
BOnly the second action "notify_admin" runs
COnly the first action "log_error" runs
DBoth actions "log_error" and "notify_admin" run
Attempts:
2 left
💡 Hint
By default, all actions run if the condition is met.