Find result of anomaly detection through {{ctx.results.0}} for monitor

Plugins Alerting
1

Hello guys,

there is a special tricks to grab result of anomaly detection on my monitor ?

sample of my anomaly detection:

{
  "_index": ".opendistro-anomaly-results-history-2021.10.06-1",
  "_type": "_doc",
  "_id": "QMhxx3wBV-qbiXOhhdt9",
  "_version": 1,
  "_score": null,
  "_source": {
    "detector_id": "vEHjxnwBI1Ki2jI6nUrx",
    "data_start_time": 1635433318105,
    "data_end_time": 1635433618105,
    "schema_version": 4,
    "feature_data": [
      {
        "feature_id": "u0HjxnwBI1Ki2jI6nUre",
        "feature_name": "Count",
        "data": 0
      }
    ],
    "execution_start_time": 1635433678205,
    "execution_end_time": 1635433678205,
    "anomaly_score": 0.5,
    "anomaly_grade": 0,
    "confidence": 0.84162227565902,
    "entity": [
      {
        "name": "src_country.keyword",
        "value": "NLD"
      },
      {
        "name": "src_ip.keyword",
        "value": "37.0.10.187"
      }
    ],
    "model_id": "vEHjxnwBI1Ki2jI6nUrx_entity_Jks2OAyIC2JTznLvvLJn1w"
  },
  "fields": {
    "data_start_time": [
      "2021-10-28T15:01:58.105Z"
    ],
    "execution_start_time": [
      "2021-10-28T15:07:58.205Z"
    ],
    "data_end_time": [
      "2021-10-28T15:06:58.105Z"
    ],
    "execution_end_time": [
      "2021-10-28T15:07:58.205Z"
    ]
  },
  "sort": [
    1635433318105
  ]
}

On my alerting plugin i have a monitor who rise alert for this detector, works well but i want to grab value ( src_ip.keyword and src_country.keyword) through painless on my action’s message with :

{{ctx.results.0}}
2

You can use

{{ctx.results.0.hits.hits.0._source.entity}}

Example message:

test

Monitor kaituo-test2 just entered alert status. Please investigate the issue.

  • Trigger: kaituo-trigger2
  • Severity: 1
  • Period start: 2021-11-05T03:44:19.267Z
  • Period end: 2021-11-05T03:46:19.267Z
  • Entity: {0={name=error_type, value=error2}, 1={name=ip, value=192.168.1.1}}