This looks pretty cool and very slick, though it seems very similar to what Graylog[1] offers out of the box, which we've been using in production for some time now.
Correct me if I'm wrong, but wouldn't this allow for a much richer set of alerts since you're able to use the Elasticsearch query syntax? This also allows you to alert on an empty result set, which can be pretty handy.