Hello,
I have an alert using rule from security section.
My aim is to gather some information into the mail alert from the alert:
In my example, I would like to take the username & the ip:
{{#context.hits}} Username: {{_source.source.user.name}} - IP: {{_source.destination.ip}}
{{/context.hits}}
I try several different configuration following links like Rule action variables | Kibana Guide [8.10] | Elastic.
But everytimes, there is a blank on my email alert.
Anyone experienced this ?
Any clue is appreciated
Thank you