elastalert
No mapping found for [@timestamp] in order to sort on
Hi, I receive this error in the logs for a rule I created that uses the .ml-anomalies-shared as the index property. The goal for my project is to query the .ml-anomalies-shared index so we can still use the ML functionality in ElasticSearch. Is this even possible using ElastAlert?
Error running query: RequestError(400, u'search_phase_execution_exception', u'No mapping found for [@timestamp] in order to sort on
Here is the rule:
```yaml
es_host: elasticsearch
es_port: 9200
es_username: pass
es_password: pass
type: frequency
#type: any
index: .ml-anomalies-shared
num_events: 2
timeframe:
  minutes: 2
```
Thanks in advance!!
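A pre-flight check for the error above, as an added example that is not part of the original post and not ElastAlert's own code: it compares the field a rule sorts on (ElastAlert uses `@timestamp` unless the rule sets `timestamp_field`) with the fields present in an index mapping. The sample mapping is constructed and its field names are assumptions; the real one comes from `GET .ml-anomalies-shared/_mapping`.

```python
DEFAULT_TIMESTAMP_FIELD = "@timestamp"  # ElastAlert default when a rule sets no timestamp_field

# The rule from the post, as a dict (credentials and host omitted).
RULE = {"type": "frequency", "index": ".ml-anomalies-shared",
        "num_events": 2, "timeframe": {"minutes": 2}}

# Constructed sample of a GET <index>/_mapping response; field names are assumptions.
SAMPLE_MAPPING = {".ml-anomalies-shared": {"mappings": {"doc": {"properties": {
    "job_id": {"type": "keyword"},
    "result_type": {"type": "keyword"},
    "record_score": {"type": "double"},
    "timestamp": {"type": "date"},
}}}}}


def flatten_properties(props, prefix=""):
    """Yield (dotted_field_name, type) for every leaf field under a 'properties' dict."""
    for name, spec in props.items():
        if "properties" in spec:
            yield from flatten_properties(spec["properties"], prefix + name + ".")
        else:
            yield prefix + name, spec.get("type", "object")


def mapped_fields(mapping_response):
    """Return {index: {field: type}}, accepting typed and typeless mapping layouts."""
    result = {}
    for index, body in mapping_response.items():
        mappings = body.get("mappings", {})
        if "properties" in mappings:          # typeless layout
            roots = [mappings["properties"]]
        else:                                 # one level of document types
            roots = [t.get("properties", {}) for t in mappings.values()
                     if isinstance(t, dict)]
        result[index] = {f: t for root in roots for f, t in flatten_properties(root)}
    return result


def check_rule_timestamp(rule, mapping_response):
    """Report, per index, whether the rule's sort field is mapped and which date fields exist."""
    field = rule.get("timestamp_field", DEFAULT_TIMESTAMP_FIELD)
    return {index: {"sort_field": field,
                    "mapped": field in fields,
                    "date_fields": sorted(f for f, t in fields.items() if t == "date")}
            for index, fields in mapped_fields(mapping_response).items()}


if __name__ == "__main__":
    print(check_rule_timestamp(RULE, SAMPLE_MAPPING))
```

An index reported with `mapped: False` is one where sorting on that field fails with the "No mapping found" error; `date_fields` lists the candidates for `timestamp_field`.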