Hey Felix, I can’t say that i have encountered that, it may be a bug though.
To be honest, i use Chronograf to generate the base script then copy it into an IDE like VS Code. I find it works better and you can easily use the available Kapacitor nodes.
|stateDuration and |stateCount are useful nodes if you want to trigger the alert after a set period, but i don’t think Chronograf will accept these nodes in the tick script. It never used to possible.
After generating the script in Chronograf and copy the contents, i disable and delete the task. Edit my TICK script as needed then upload it to my server.
From there you can define your alerts using the Kapacitor CLI.
Assuming you’re using Linux, it would be something like
sudo kapacitor define TaskName -type stream -tick /path_to_tick_file -dbrp DatabaseName.RetentionPolicy
Then to enable it
sudo kapacitor enable TaskName
You should (can, i do it myself) be able to use !=, you can also use regex in the filter =~
I’m not sure if using AND will work, it will be expecting a data point where the tag value is equal to both. Give it a try though.
Kapacitor does support a side load function, you might be able to leverage that to provide a list of end points you want to monitor.
Admitedly it isn’t ideal when you have 200 endpoints to select.
Another option could be to use Kapacitor templates
You would still need to specify the endpoints in a variable file though.