Hi,
I am trying to get some data from the returned query results into my web hook action but I cant get it to work. The bellow is a simple example I came up with to test out what I wanted to do. ctx.payload.hits.hits.0.fields.message should be returning a hostname to me but it returns nothing.
I have tried hardcoding the hostname in place of the ctx..payload... so I know everything reaches my api fine. What am I doing wrong?
curl -XPUT 'http://localhost:9200/_watcher/watch/log_error_watch' -d '{
"trigger" : { "schedule" : { "interval" : "10s" } },
"input" : {
"search" : {
"request" : {
"indices" : [ "logstash-*" ],
"body" : {
"query" : {
"match" : { "message": "WIN7-64-VM" }
}
}
}
}
},
"condition" : {
"compare" : { "ctx.payload.hits.total" : { "gt" : 0 }}
},
"actions" : {
"my_webhook": {
"webhook": {
"method": "POST",
"host": "myhostname",
"port": 8080,
"path": "/myapp/api",
"headers" : {
"Content-Type": "application/json",
"Accept": "application/json"
},
"body": "{ \"hostName\": \"{{ctx.payload.hits.hits.0.fields.message}}\", \"userId\": \"test\"}"
}
}
}
}'