Create or update a watch

PUT /_watcher/watch/{id}

When a watch is registered, a new document that represents the watch is added to the .watches index and its trigger is immediately registered with the relevant trigger engine. Typically for the schedule trigger, the scheduler is the trigger engine.

IMPORTANT: You must use Kibana or this API to create a watch. Do not add a watch directly to the .watches index by using the Elasticsearch index API. If Elasticsearch security features are enabled, do not give users write privileges on the .watches index.

When you add a watch you can also define its initial active state by setting the active parameter.

When Elasticsearch security features are enabled, your watch can index or search only on indices for which the user that stored the watch has privileges. If the user is able to read index a, but not index b, the same will apply when the watch runs.

Path parameters

id string Required

Watch ID

Query parameters

active boolean

Specify whether the watch is in/active by default
if_primary_term number

only update the watch if the last operation that has changed the watch has the specified primary term
if_seq_no number

only update the watch if the last operation that has changed the watch has the specified sequence number
version number

Explicit version number for concurrency control

application/json

Body

actions object
Hide actions attribute Show actions attribute object
- * object Additional properties
  
  Additional properties are allowed.
  Hide * attributes Show * attributes object
  
  action_type string
  
  Values are email, webhook, index, logging, slack, or pagerduty.
  
  condition object
  
  Additional properties are allowed.
  
  Hide condition attributes Show condition attributes object
  
  always object
  
  Additional properties are allowed.
  
  array_compare object
  
  Hide array_compare attribute Show array_compare attribute object
  
  * object Additional properties
  
  Additional properties are allowed.
  
  Hide * attribute Show * attribute object
  
  path string Required
  
  compare object
  
  Hide compare attribute Show compare attribute object
  
  * object Additional properties
  
  never object
  
  Additional properties are allowed.
  
  script object
  
  Additional properties are allowed.
  
  Hide script attributes Show script attributes object
  
  lang string
  
  params object
  
  Hide params attribute Show params attribute object
  
  * object Additional properties
  
  Additional properties are allowed.
  
  source string
  
  id string
  
  foreach string
  
  max_iterations number
  
  name string
  
  throttle_period string
  
  A duration. Units can be nanos, micros, ms (milliseconds), s (seconds), m (minutes), h (hours) and d (days). Also accepts "0" without a unit and "-1" to indicate an unspecified value.
  
  throttle_period_in_millis number
  
  Time unit for milliseconds
  
  transform object
  
  Additional properties are allowed.
  
  Hide transform attributes Show transform attributes object
  
  chain array[object]
  
  Additional properties are allowed.
  
  script object
  
  Additional properties are allowed.
  
  Hide script attributes Show script attributes object
  
  lang string
  
  params object
  
  Hide params attribute Show params attribute object
  
  * object Additional properties
  
  Additional properties are allowed.
  
  source string
  
  id string
  
  search object
  
  Additional properties are allowed.
  
  Hide search attributes Show search attributes object
  
  request object Required
  
  Additional properties are allowed.
  
  Hide request attributes Show request attributes object
  
  body object
  
  Additional properties are allowed.
  
  Hide body attribute Show body attribute object
  
  query object Required
  
  Additional properties are allowed.
  
  indices array[string]
  
  indices_options object
  
  Additional properties are allowed.
  
  Hide indices_options attributes Show indices_options attributes object
  
  allow_no_indices boolean
  
  If false, the request returns an error if any wildcard expression, index alias, or _all value targets only missing or closed indices. This behavior applies even if the request targets other open indices. For example, a request targeting foo*,bar* returns an error if an index starts with foo but no index starts with bar.
  
  expand_wildcards string | array[string]
  
  ignore_unavailable boolean
  
  If true, missing or closed indices are not included in the response.
  
  ignore_throttled boolean
  
  If true, concrete, expanded or aliased indices are ignored when frozen.
  
  search_type string
  
  Values are query_then_fetch or dfs_query_then_fetch.
  
  template object
  
  Additional properties are allowed.
  
  Hide template attributes Show template attributes object
  
  explain boolean
  
  id string
  
  params object
  
  profile boolean
  
  source string
  
  An inline search template. Supports the same parameters as the search API's request body. Also supports Mustache variables. If no id is specified, this parameter is required.
  
  rest_total_hits_as_int boolean
  
  timeout string Required
  
  A duration. Units can be nanos, micros, ms (milliseconds), s (seconds), m (minutes), h (hours) and d (days). Also accepts "0" without a unit and "-1" to indicate an unspecified value.
  
  index object
  
  Additional properties are allowed.
  
  Hide index attributes Show index attributes object
  
  index string Required
  
  doc_id string
  
  refresh string
  
  Values are true, false, or wait_for.
  
  op_type string
  
  Values are index or create.
  
  timeout string
  
  A duration. Units can be nanos, micros, ms (milliseconds), s (seconds), m (minutes), h (hours) and d (days). Also accepts "0" without a unit and "-1" to indicate an unspecified value.
  
  execution_time_field string
  
  Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.
  
  logging object
  
  Additional properties are allowed.
  
  Hide logging attributes Show logging attributes object
  
  level string
  
  text string Required
  
  category string
  
  email object
  
  Additional properties are allowed.
  
  Hide email attributes Show email attributes object
  
  id string
  
  bcc array[string]
  
  body object
  
  Additional properties are allowed.
  
  Hide body attributes Show body attributes object
  
  html string
  
  text string
  
  cc array[string]
  
  from string
  
  priority string
  
  Values are lowest, low, normal, high, or highest.
  
  reply_to array[string]
  
  sent_date string | number
  
  A date and time, either as a string whose format can depend on the context (defaulting to ISO 8601), or a number of milliseconds since the Epoch. Elasticsearch accepts both as input, but will generally output a string representation.
  
  One of:
  _types:DateTime string _types:UnitMillis number
  
  Time unit for milliseconds
  
  subject string Required
  
  to array[string] Required
  
  attachments object
  
  Hide attachments attribute Show attachments attribute object
  
  * object Additional properties
  
  Additional properties are allowed.
  
  Hide * attributes Show * attributes object
  
  http object
  
  Additional properties are allowed.
  
  reporting object
  
  Additional properties are allowed.
  
  data object
  
  Additional properties are allowed.
  
  pagerduty object
  
  Additional properties are allowed.
  
  Hide pagerduty attributes Show pagerduty attributes object
  
  account string
  
  attach_payload boolean Required
  
  client string
  
  client_url string
  
  contexts array[object]
  
  Hide contexts attributes Show contexts attributes object
  
  href string
  
  src string
  
  type string Required
  
  Values are link or image.
  
  description string Required
  
  event_type string
  
  Values are trigger, resolve, or acknowledge.
  
  incident_key string Required
  
  proxy object
  
  Additional properties are allowed.
  
  Hide proxy attributes Show proxy attributes object
  
  host string
  
  port number
  
  slack object
  
  Additional properties are allowed.
  
  Hide slack attributes Show slack attributes object
  
  account string
  
  message object Required
  
  Additional properties are allowed.
  
  Hide message attributes Show message attributes object
  
  attachments array[object] Required
  
  Hide attachments attributes Show attachments attributes object
  
  author_icon string
  
  author_link string
  
  author_name string Required
  
  color string
  
  fallback string
  
  fields array[object]
  
  footer string
  
  footer_icon string
  
  image_url string
  
  pretext string
  
  text string
  
  thumb_url string
  
  title string Required
  
  title_link string
  
  ts
  
  dynamic_attachments object
  
  Additional properties are allowed.
  
  Hide dynamic_attachments attributes Show dynamic_attachments attributes object
  
  attachment_template object Required
  
  Additional properties are allowed.
  
  Hide attachment_template attributes Show attachment_template attributes object
  
  author_icon string
  
  author_link string
  
  author_name string Required
  
  color string
  
  fallback string
  
  fields array[object]
  
  footer string
  
  footer_icon string
  
  image_url string
  
  pretext string
  
  text string
  
  thumb_url string
  
  title string Required
  
  title_link string
  
  ts
  
  list_path string Required
  
  from string Required
  
  icon string
  
  text string Required
  
  to array[string] Required
  
  webhook object
  
  Additional properties are allowed.
  
  Hide webhook attributes Show webhook attributes object
  
  auth object
  
  Additional properties are allowed.
  
  Hide auth attribute Show auth attribute object
  
  basic object Required
  
  Additional properties are allowed.
  
  Hide basic attributes Show basic attributes object
  
  password string Required
  
  username string Required
  
  body string
  
  connection_timeout string
  
  A duration. Units can be nanos, micros, ms (milliseconds), s (seconds), m (minutes), h (hours) and d (days). Also accepts "0" without a unit and "-1" to indicate an unspecified value.
  
  headers object
  
  Hide headers attribute Show headers attribute object
  
  * string Additional properties
  
  host string
  
  method string
  
  Values are head, get, post, put, or delete.
  
  params object
  
  Hide params attribute Show params attribute object
  
  * string Additional properties
  
  path string
  
  port number
  
  proxy object
  
  Additional properties are allowed.
  
  Hide proxy attributes Show proxy attributes object
  
  host string Required
  
  port number Required
  
  read_timeout string
  
  A duration. Units can be nanos, micros, ms (milliseconds), s (seconds), m (minutes), h (hours) and d (days). Also accepts "0" without a unit and "-1" to indicate an unspecified value.
  
  scheme string
  
  Values are http or https.
  
  url string
condition object

Additional properties are allowed.
Hide condition attributes Show condition attributes object
- always object
  
  Additional properties are allowed.
- array_compare object
  Hide array_compare attribute Show array_compare attribute object
  
  * object Additional properties
  
  Additional properties are allowed.
  
  Hide * attribute Show * attribute object
  
  path string Required
- compare object
  Hide compare attribute Show compare attribute object
  
  * object Additional properties
- never object
  
  Additional properties are allowed.
- script object
  
  Additional properties are allowed.
  Hide script attributes Show script attributes object
  
  lang string
  
  params object
  
  Hide params attribute Show params attribute object
  
  * object Additional properties
  
  Additional properties are allowed.
  
  source string
  
  id string
input object

Additional properties are allowed.
Hide input attributes Show input attributes object
- chain object
  
  Additional properties are allowed.
  Hide chain attribute Show chain attribute object
  
  inputs array[object] Required
  
  Hide inputs attribute Show inputs attribute object
  
  * object
  
  Additional properties are allowed.
- http object
  
  Additional properties are allowed.
  Hide http attributes Show http attributes object
  
  extract array[string]
  
  request object
  
  Additional properties are allowed.
  
  Hide request attributes Show request attributes object
  
  auth object
  
  Additional properties are allowed.
  
  Hide auth attribute Show auth attribute object
  
  basic object Required
  
  Additional properties are allowed.
  
  Hide basic attributes Show basic attributes object
  
  password string Required
  
  username string Required
  
  body string
  
  connection_timeout string
  
  A duration. Units can be nanos, micros, ms (milliseconds), s (seconds), m (minutes), h (hours) and d (days). Also accepts "0" without a unit and "-1" to indicate an unspecified value.
  
  headers object
  
  Hide headers attribute Show headers attribute object
  
  * string Additional properties
  
  host string
  
  method string
  
  Values are head, get, post, put, or delete.
  
  params object
  
  Hide params attribute Show params attribute object
  
  * string Additional properties
  
  path string
  
  port number
  
  proxy object
  
  Additional properties are allowed.
  
  Hide proxy attributes Show proxy attributes object
  
  host string Required
  
  port number Required
  
  read_timeout string
  
  A duration. Units can be nanos, micros, ms (milliseconds), s (seconds), m (minutes), h (hours) and d (days). Also accepts "0" without a unit and "-1" to indicate an unspecified value.
  
  scheme string
  
  Values are http or https.
  
  url string
  
  response_content_type string
  
  Values are json, yaml, or text.
- search object
  
  Additional properties are allowed.
  Hide search attributes Show search attributes object
  
  extract array[string]
  
  request object Required
  
  Additional properties are allowed.
  
  Hide request attributes Show request attributes object
  
  body object
  
  Additional properties are allowed.
  
  Hide body attribute Show body attribute object
  
  query object Required
  
  Additional properties are allowed.
  
  External documentation
  
  indices array[string]
  
  indices_options object
  
  Additional properties are allowed.
  
  Hide indices_options attributes Show indices_options attributes object
  
  allow_no_indices boolean
  
  If false, the request returns an error if any wildcard expression, index alias, or _all value targets only missing or closed indices. This behavior applies even if the request targets other open indices. For example, a request targeting foo*,bar* returns an error if an index starts with foo but no index starts with bar.
  
  expand_wildcards string | array[string]
  
  ignore_unavailable boolean
  
  If true, missing or closed indices are not included in the response.
  
  ignore_throttled boolean
  
  If true, concrete, expanded or aliased indices are ignored when frozen.
  
  search_type string
  
  Values are query_then_fetch or dfs_query_then_fetch.
  
  template object
  
  Additional properties are allowed.
  
  Hide template attributes Show template attributes object
  
  explain boolean
  
  id string
  
  params object
  
  Hide params attribute Show params attribute object
  
  * object Additional properties
  
  Additional properties are allowed.
  
  profile boolean
  
  source string
  
  An inline search template. Supports the same parameters as the search API's request body. Also supports Mustache variables. If no id is specified, this parameter is required.
  
  rest_total_hits_as_int boolean
  
  timeout string
  
  A duration. Units can be nanos, micros, ms (milliseconds), s (seconds), m (minutes), h (hours) and d (days). Also accepts "0" without a unit and "-1" to indicate an unspecified value.
- simple object
  Hide simple attribute Show simple attribute object
  
  * object Additional properties
  
  Additional properties are allowed.
metadata object
Hide metadata attribute Show metadata attribute object
- * object Additional properties
  
  Additional properties are allowed.
throttle_period string
transform object

Additional properties are allowed.
Hide transform attributes Show transform attributes object
- chain array[object]
  
  Additional properties are allowed.
- script object
  
  Additional properties are allowed.
  Hide script attributes Show script attributes object
  
  lang string
  
  params object
  
  Hide params attribute Show params attribute object
  
  * object Additional properties
  
  Additional properties are allowed.
  
  source string
  
  id string
- search object
  
  Additional properties are allowed.
  Hide search attributes Show search attributes object
  
  request object Required
  
  Additional properties are allowed.
  
  Hide request attributes Show request attributes object
  
  body object
  
  Additional properties are allowed.
  
  Hide body attribute Show body attribute object
  
  query object Required
  
  Additional properties are allowed.
  
  External documentation
  
  indices array[string]
  
  indices_options object
  
  Additional properties are allowed.
  
  Hide indices_options attributes Show indices_options attributes object
  
  allow_no_indices boolean
  
  If false, the request returns an error if any wildcard expression, index alias, or _all value targets only missing or closed indices. This behavior applies even if the request targets other open indices. For example, a request targeting foo*,bar* returns an error if an index starts with foo but no index starts with bar.
  
  expand_wildcards string | array[string]
  
  ignore_unavailable boolean
  
  If true, missing or closed indices are not included in the response.
  
  ignore_throttled boolean
  
  If true, concrete, expanded or aliased indices are ignored when frozen.
  
  search_type string
  
  Values are query_then_fetch or dfs_query_then_fetch.
  
  template object
  
  Additional properties are allowed.
  
  Hide template attributes Show template attributes object
  
  explain boolean
  
  id string
  
  params object
  
  Hide params attribute Show params attribute object
  
  * object Additional properties
  
  Additional properties are allowed.
  
  profile boolean
  
  source string
  
  An inline search template. Supports the same parameters as the search API's request body. Also supports Mustache variables. If no id is specified, this parameter is required.
  
  rest_total_hits_as_int boolean
  
  timeout string Required
  
  A duration. Units can be nanos, micros, ms (milliseconds), s (seconds), m (minutes), h (hours) and d (days). Also accepts "0" without a unit and "-1" to indicate an unspecified value.
trigger object

Additional properties are allowed.
Hide trigger attribute Show trigger attribute object
- schedule object
  
  Additional properties are allowed.
  Hide schedule attributes Show schedule attributes object
  
  timezone string
  
  cron string
  
  daily object
  
  Additional properties are allowed.
  
  Hide daily attribute Show daily attribute object
  
  at array[string | object] Required
  
  A time of day, expressed either as hh:mm, noon, midnight, or an hour/minutes structure.
  
  One of:
  _types:ScheduleTimeOfDay string _types:HourAndMinute object
  
  hourly object
  
  Additional properties are allowed.
  
  Hide hourly attribute Show hourly attribute object
  
  minute array[number] Required
  
  interval string
  
  A duration. Units can be nanos, micros, ms (milliseconds), s (seconds), m (minutes), h (hours) and d (days). Also accepts "0" without a unit and "-1" to indicate an unspecified value.
  
  monthly object | array[object]
  
  One of:
  _types:TimeOfMonth object array-2 array[object]
  
  Hide attributes Show attributes object
  
  at array[string] Required
  
  on array[number] Required
  
  weekly object | array[object]
  
  One of:
  _types:TimeOfWeek object array-2 array[object]
  
  Hide attributes Show attributes object
  
  at array[string] Required
  
  on array[string] Required
  
  Values are sunday, monday, tuesday, wednesday, thursday, friday, or saturday.
  
  yearly object | array[object]
  
  One of:
  _types:TimeOfYear object array-2 array[object]
  
  Hide attributes Show attributes
  
  at array[string] Required
  
  int array[string] Required
  
  Values are january, february, march, april, may, june, july, august, september, october, november, or december.
  
  on array[number] Required
  
  Hide attributes Show attributes object
  
  at array[string] Required
  
  int array[string] Required
  
  Values are january, february, march, april, may, june, july, august, september, october, november, or december.
  
  on array[number] Required

Responses

200 application/json
Hide response attributes Show response attributes object
- created boolean Required
- _id string Required
- _primary_term number Required
- _seq_no number Required
- _version number Required

PUT /_watcher/watch/{id}

curl \
 -X PUT http://api.example.com/_watcher/watch/{id} \
 -H "Content-Type: application/json" \
 -d '{"actions":{"additionalProperty1":{"action_type":"email","condition":{"always":{},"array_compare":{"additionalProperty1":{"path":"string"},"additionalProperty2":{"path":"string"}},"compare":{"additionalProperty1":{},"additionalProperty2":{}},"never":{},"script":{"lang":"string","params":{"additionalProperty1":{},"additionalProperty2":{}},"source":"string","id":"string"}},"foreach":"string","max_iterations":42.0,"name":"string","throttle_period":"string","":{"auth":{"basic":{"password":"string","username":"string"}},"body":"string","connection_timeout":"string","headers":{"additionalProperty1":"string","additionalProperty2":"string"},"host":"string","method":"head","params":{"additionalProperty1":"string","additionalProperty2":"string"},"path":"string","port":42.0,"proxy":{"host":"string","port":42.0},"read_timeout":"string","scheme":"http","url":"string"},"transform":{"chain":[{}],"script":{"lang":"string","params":{"additionalProperty1":{},"additionalProperty2":{}},"source":"string","id":"string"},"search":{"request":{"body":{"query":{}},"indices":["string"],"indices_options":{"allow_no_indices":true,"expand_wildcards":"string","ignore_unavailable":true,"ignore_throttled":true},"search_type":"query_then_fetch","template":{"explain":true,"id":"string","params":{},"profile":true,"source":"string"},"rest_total_hits_as_int":true},"timeout":"string"}},"index":{"index":"string","doc_id":"string","refresh":"true","op_type":"index","timeout":"string","execution_time_field":"string"},"logging":{"level":"string","text":"string","category":"string"},"slack":{"account":"string","message":{"attachments":[{"author_icon":"string","author_link":"string","author_name":"string","color":"string","fallback":"string","fields":[{}],"footer":"string","footer_icon":"string","image_url":"string","pretext":"string","text":"string","thumb_url":"string","title":"string","title_link":"string"}],"dynamic_attachments":{"attachment_template":{"author_icon":"string","author_link":"string","author_name":"string","color":"string","fallback":"string","fields":[{}],"footer":"string","footer_icon":"string","image_url":"string","pretext":"string","text":"string","thumb_url":"string","title":"string","title_link":"string"},"list_path":"string"},"from":"string","icon":"string","text":"string","to":["string"]}}},"additionalProperty2":{"action_type":"email","condition":{"always":{},"array_compare":{"additionalProperty1":{"path":"string"},"additionalProperty2":{"path":"string"}},"compare":{"additionalProperty1":{},"additionalProperty2":{}},"never":{},"script":{"lang":"string","params":{"additionalProperty1":{},"additionalProperty2":{}},"source":"string","id":"string"}},"foreach":"string","max_iterations":42.0,"name":"string","throttle_period":"string","":{"auth":{"basic":{"password":"string","username":"string"}},"body":"string","connection_timeout":"string","headers":{"additionalProperty1":"string","additionalProperty2":"string"},"host":"string","method":"head","params":{"additionalProperty1":"string","additionalProperty2":"string"},"path":"string","port":42.0,"proxy":{"host":"string","port":42.0},"read_timeout":"string","scheme":"http","url":"string"},"transform":{"chain":[{}],"script":{"lang":"string","params":{"additionalProperty1":{},"additionalProperty2":{}},"source":"string","id":"string"},"search":{"request":{"body":{"query":{}},"indices":["string"],"indices_options":{"allow_no_indices":true,"expand_wildcards":"string","ignore_unavailable":true,"ignore_throttled":true},"search_type":"query_then_fetch","template":{"explain":true,"id":"string","params":{},"profile":true,"source":"string"},"rest_total_hits_as_int":true},"timeout":"string"}},"index":{"index":"string","doc_id":"string","refresh":"true","op_type":"index","timeout":"string","execution_time_field":"string"},"logging":{"level":"string","text":"string","category":"string"},"slack":{"account":"string","message":{"attachments":[{"author_icon":"string","author_link":"string","author_name":"string","color":"string","fallback":"string","fields":[{}],"footer":"string","footer_icon":"string","image_url":"string","pretext":"string","text":"string","thumb_url":"string","title":"string","title_link":"string"}],"dynamic_attachments":{"attachment_template":{"author_icon":"string","author_link":"string","author_name":"string","color":"string","fallback":"string","fields":[{}],"footer":"string","footer_icon":"string","image_url":"string","pretext":"string","text":"string","thumb_url":"string","title":"string","title_link":"string"},"list_path":"string"},"from":"string","icon":"string","text":"string","to":["string"]}}}},"condition":{"always":{},"array_compare":{"additionalProperty1":{"path":"string"},"additionalProperty2":{"path":"string"}},"compare":{"additionalProperty1":{},"additionalProperty2":{}},"never":{},"script":{"lang":"string","params":{"additionalProperty1":{},"additionalProperty2":{}},"source":"string","id":"string"}},"input":{"chain":{"inputs":[{"*":{}}]},"http":{"extract":["string"],"request":{"auth":{"basic":{"password":"string","username":"string"}},"body":"string","connection_timeout":"string","headers":{"additionalProperty1":"string","additionalProperty2":"string"},"host":"string","method":"head","params":{"additionalProperty1":"string","additionalProperty2":"string"},"path":"string","port":42.0,"proxy":{"host":"string","port":42.0},"read_timeout":"string","scheme":"http","url":"string"},"response_content_type":"json"},"search":{"extract":["string"],"request":{"body":{"query":{}},"indices":["string"],"indices_options":{"allow_no_indices":true,"expand_wildcards":"string","ignore_unavailable":true,"ignore_throttled":true},"search_type":"query_then_fetch","template":{"explain":true,"id":"string","params":{"additionalProperty1":{},"additionalProperty2":{}},"profile":true,"source":"string"},"rest_total_hits_as_int":true},"timeout":"string"},"simple":{"additionalProperty1":{},"additionalProperty2":{}}},"metadata":{"additionalProperty1":{},"additionalProperty2":{}},"throttle_period":"string","transform":{"chain":[{}],"script":{"lang":"string","params":{"additionalProperty1":{},"additionalProperty2":{}},"source":"string","id":"string"},"search":{"request":{"body":{"query":{}},"indices":["string"],"indices_options":{"allow_no_indices":true,"expand_wildcards":"string","ignore_unavailable":true,"ignore_throttled":true},"search_type":"query_then_fetch","template":{"explain":true,"id":"string","params":{"additionalProperty1":{},"additionalProperty2":{}},"profile":true,"source":"string"},"rest_total_hits_as_int":true},"timeout":"string"}},"trigger":{"schedule":{"timezone":"string","cron":"string","daily":{"at":["string"]},"hourly":{"minute":[42.0]},"interval":"string","monthly":{"at":["string"],"on":[42.0]},"weekly":{"at":["string"],"on":["sunday"]},"yearly":{"at":["string"],"int":["january"],"on":[42.0]}}}}'

Request examples

{
  "actions": {
    "additionalProperty1": {
      "action_type": "email",
      "condition": {
        "always": {},
        "array_compare": {
          "additionalProperty1": {
            "path": "string"
          },
          "additionalProperty2": {
            "path": "string"
          }
        },
        "compare": {
          "additionalProperty1": {},
          "additionalProperty2": {}
        },
        "never": {},
        "script": {
          "lang": "string",
          "params": {
            "additionalProperty1": {},
            "additionalProperty2": {}
          },
          "source": "string",
          "id": "string"
        }
      },
      "foreach": "string",
      "max_iterations": 42.0,
      "name": "string",
      "throttle_period": "string",
      "": {
        "auth": {
          "basic": {
            "password": "string",
            "username": "string"
          }
        },
        "body": "string",
        "connection_timeout": "string",
        "headers": {
          "additionalProperty1": "string",
          "additionalProperty2": "string"
        },
        "host": "string",
        "method": "head",
        "params": {
          "additionalProperty1": "string",
          "additionalProperty2": "string"
        },
        "path": "string",
        "port": 42.0,
        "proxy": {
          "host": "string",
          "port": 42.0
        },
        "read_timeout": "string",
        "scheme": "http",
        "url": "string"
      },
      "transform": {
        "chain": [
          {}
        ],
        "script": {
          "lang": "string",
          "params": {
            "additionalProperty1": {},
            "additionalProperty2": {}
          },
          "source": "string",
          "id": "string"
        },
        "search": {
          "request": {
            "body": {
              "query": {}
            },
            "indices": [
              "string"
            ],
            "indices_options": {
              "allow_no_indices": true,
              "expand_wildcards": "string",
              "ignore_unavailable": true,
              "ignore_throttled": true
            },
            "search_type": "query_then_fetch",
            "template": {
              "explain": true,
              "id": "string",
              "params": {},
              "profile": true,
              "source": "string"
            },
            "rest_total_hits_as_int": true
          },
          "timeout": "string"
        }
      },
      "index": {
        "index": "string",
        "doc_id": "string",
        "refresh": "true",
        "op_type": "index",
        "timeout": "string",
        "execution_time_field": "string"
      },
      "logging": {
        "level": "string",
        "text": "string",
        "category": "string"
      },
      "slack": {
        "account": "string",
        "message": {
          "attachments": [
            {
              "author_icon": "string",
              "author_link": "string",
              "author_name": "string",
              "color": "string",
              "fallback": "string",
              "fields": [
                {}
              ],
              "footer": "string",
              "footer_icon": "string",
              "image_url": "string",
              "pretext": "string",
              "text": "string",
              "thumb_url": "string",
              "title": "string",
              "title_link": "string"
            }
          ],
          "dynamic_attachments": {
            "attachment_template": {
              "author_icon": "string",
              "author_link": "string",
              "author_name": "string",
              "color": "string",
              "fallback": "string",
              "fields": [
                {}
              ],
              "footer": "string",
              "footer_icon": "string",
              "image_url": "string",
              "pretext": "string",
              "text": "string",
              "thumb_url": "string",
              "title": "string",
              "title_link": "string"
            },
            "list_path": "string"
          },
          "from": "string",
          "icon": "string",
          "text": "string",
          "to": [
            "string"
          ]
        }
      }
    },
    "additionalProperty2": {
      "action_type": "email",
      "condition": {
        "always": {},
        "array_compare": {
          "additionalProperty1": {
            "path": "string"
          },
          "additionalProperty2": {
            "path": "string"
          }
        },
        "compare": {
          "additionalProperty1": {},
          "additionalProperty2": {}
        },
        "never": {},
        "script": {
          "lang": "string",
          "params": {
            "additionalProperty1": {},
            "additionalProperty2": {}
          },
          "source": "string",
          "id": "string"
        }
      },
      "foreach": "string",
      "max_iterations": 42.0,
      "name": "string",
      "throttle_period": "string",
      "": {
        "auth": {
          "basic": {
            "password": "string",
            "username": "string"
          }
        },
        "body": "string",
        "connection_timeout": "string",
        "headers": {
          "additionalProperty1": "string",
          "additionalProperty2": "string"
        },
        "host": "string",
        "method": "head",
        "params": {
          "additionalProperty1": "string",
          "additionalProperty2": "string"
        },
        "path": "string",
        "port": 42.0,
        "proxy": {
          "host": "string",
          "port": 42.0
        },
        "read_timeout": "string",
        "scheme": "http",
        "url": "string"
      },
      "transform": {
        "chain": [
          {}
        ],
        "script": {
          "lang": "string",
          "params": {
            "additionalProperty1": {},
            "additionalProperty2": {}
          },
          "source": "string",
          "id": "string"
        },
        "search": {
          "request": {
            "body": {
              "query": {}
            },
            "indices": [
              "string"
            ],
            "indices_options": {
              "allow_no_indices": true,
              "expand_wildcards": "string",
              "ignore_unavailable": true,
              "ignore_throttled": true
            },
            "search_type": "query_then_fetch",
            "template": {
              "explain": true,
              "id": "string",
              "params": {},
              "profile": true,
              "source": "string"
            },
            "rest_total_hits_as_int": true
          },
          "timeout": "string"
        }
      },
      "index": {
        "index": "string",
        "doc_id": "string",
        "refresh": "true",
        "op_type": "index",
        "timeout": "string",
        "execution_time_field": "string"
      },
      "logging": {
        "level": "string",
        "text": "string",
        "category": "string"
      },
      "slack": {
        "account": "string",
        "message": {
          "attachments": [
            {
              "author_icon": "string",
              "author_link": "string",
              "author_name": "string",
              "color": "string",
              "fallback": "string",
              "fields": [
                {}
              ],
              "footer": "string",
              "footer_icon": "string",
              "image_url": "string",
              "pretext": "string",
              "text": "string",
              "thumb_url": "string",
              "title": "string",
              "title_link": "string"
            }
          ],
          "dynamic_attachments": {
            "attachment_template": {
              "author_icon": "string",
              "author_link": "string",
              "author_name": "string",
              "color": "string",
              "fallback": "string",
              "fields": [
                {}
              ],
              "footer": "string",
              "footer_icon": "string",
              "image_url": "string",
              "pretext": "string",
              "text": "string",
              "thumb_url": "string",
              "title": "string",
              "title_link": "string"
            },
            "list_path": "string"
          },
          "from": "string",
          "icon": "string",
          "text": "string",
          "to": [
            "string"
          ]
        }
      }
    }
  },
  "condition": {
    "always": {},
    "array_compare": {
      "additionalProperty1": {
        "path": "string"
      },
      "additionalProperty2": {
        "path": "string"
      }
    },
    "compare": {
      "additionalProperty1": {},
      "additionalProperty2": {}
    },
    "never": {},
    "script": {
      "lang": "string",
      "params": {
        "additionalProperty1": {},
        "additionalProperty2": {}
      },
      "source": "string",
      "id": "string"
    }
  },
  "input": {
    "chain": {
      "inputs": [
        {
          "*": {}
        }
      ]
    },
    "http": {
      "extract": [
        "string"
      ],
      "request": {
        "auth": {
          "basic": {
            "password": "string",
            "username": "string"
          }
        },
        "body": "string",
        "connection_timeout": "string",
        "headers": {
          "additionalProperty1": "string",
          "additionalProperty2": "string"
        },
        "host": "string",
        "method": "head",
        "params": {
          "additionalProperty1": "string",
          "additionalProperty2": "string"
        },
        "path": "string",
        "port": 42.0,
        "proxy": {
          "host": "string",
          "port": 42.0
        },
        "read_timeout": "string",
        "scheme": "http",
        "url": "string"
      },
      "response_content_type": "json"
    },
    "search": {
      "extract": [
        "string"
      ],
      "request": {
        "body": {
          "query": {}
        },
        "indices": [
          "string"
        ],
        "indices_options": {
          "allow_no_indices": true,
          "expand_wildcards": "string",
          "ignore_unavailable": true,
          "ignore_throttled": true
        },
        "search_type": "query_then_fetch",
        "template": {
          "explain": true,
          "id": "string",
          "params": {
            "additionalProperty1": {},
            "additionalProperty2": {}
          },
          "profile": true,
          "source": "string"
        },
        "rest_total_hits_as_int": true
      },
      "timeout": "string"
    },
    "simple": {
      "additionalProperty1": {},
      "additionalProperty2": {}
    }
  },
  "metadata": {
    "additionalProperty1": {},
    "additionalProperty2": {}
  },
  "throttle_period": "string",
  "transform": {
    "chain": [
      {}
    ],
    "script": {
      "lang": "string",
      "params": {
        "additionalProperty1": {},
        "additionalProperty2": {}
      },
      "source": "string",
      "id": "string"
    },
    "search": {
      "request": {
        "body": {
          "query": {}
        },
        "indices": [
          "string"
        ],
        "indices_options": {
          "allow_no_indices": true,
          "expand_wildcards": "string",
          "ignore_unavailable": true,
          "ignore_throttled": true
        },
        "search_type": "query_then_fetch",
        "template": {
          "explain": true,
          "id": "string",
          "params": {
            "additionalProperty1": {},
            "additionalProperty2": {}
          },
          "profile": true,
          "source": "string"
        },
        "rest_total_hits_as_int": true
      },
      "timeout": "string"
    }
  },
  "trigger": {
    "schedule": {
      "timezone": "string",
      "cron": "string",
      "daily": {
        "at": [
          "string"
        ]
      },
      "hourly": {
        "minute": [
          42.0
        ]
      },
      "interval": "string",
      "monthly": {
        "at": [
          "string"
        ],
        "on": [
          42.0
        ]
      },
      "weekly": {
        "at": [
          "string"
        ],
        "on": [
          "sunday"
        ]
      },
      "yearly": {
        "at": [
          "string"
        ],
        "int": [
          "january"
        ],
        "on": [
          42.0
        ]
      }
    }
  }
}

Response examples (200)

{
  "created": true,
  "_id": "string",
  "_primary_term": 42.0,
  "_seq_no": 42.0,
  "_version": 42.0
}