I'm creating alerts using the new Alert GUI. Wondering how I would add available fields from the log entries. For example, we have a field called rcm.serverdesc that provided the friendly name of the server the error was on. Below is an image of the query I'm alerting off of and the fields I would like to add if possible.
Below is what's currently in the message configuration:
Elasticsearch query alert '{{alertName}}' is active:
- Value: {{context.value}}
- Conditions Met: {{context.conditions}} over {{params.timeWindowSize}}{{params.timeWindowUnit}}
- Timestamp: {{context.date}}
- Link: {{context.link}}
- Message : This indicates blah blah blah url blah blah blah may be having an issue. Please reach out to Support at blah blah blah if need be.