I have created a watcher.
When I put the query in Discover search box, I get the following output:
We are searching for a functionality to provide values of path and @timestamp in e-mail notification as shown for each result in the Discover window.
Alternatively, Is there any way to attach all JSON files generated by search result as shown in Discover window of Kibana, in e-mail notification:
Hey,
you can use mustache in the email body to access arbitrary data from the input. See the example in the docs. In order to access the first searchhit, you could try ctx.payload.hits.hits.0._source.@timestamp.
Hope this helps!
--Alex
Thanks Alex,
I have used you suggested but not seeing the value of @timestamp in the e-mail.
Used it like this in e-mail body in JSON of watcher:
"body": {
"text": "Timestamp:{{ctx.payload.hits.hits.0._source.@timestamp}}"
}
I am new to Kibana. May be making a basic mistake.
Hi Alex,
One more thing I found regarding _source.
When I try to print {{ctx.payload}} in the e-mail, I am not seeing anything in the _source:
Is the empty _source is the reason I am not able to see value of @timestamp in the e-mail.
Regards,
Varun
can you retrieve the source of that document by calling GET index/doc/ID_OF_DOC/_source and GET index/doc/ID_OF_DOC - looks as if there is no JSON in that document.
Also please include the whole query here or better yet the whole watch and the whole execute watch API output instead of snippets. This would ease debugging tremendously.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.