Hello,
I am currently using
Kibana version: 4.5.4
Elasticsearch version: 2.X
logstash Version : 2.2
I have also added watcher plugin to get email notifications.
Everything is working fine.
I need to do some extra modification with watcher plugin.
I want emails with error log data, not just the title but with the full error log description.
Can you please help me?
Kindly please help?
Please note that his forum does not come with an SLA bound to it. If you need support within a certain time, then please check out our subscriptions.
That said, can you please elaborate a bit more? Is this a question of how to create a watch or do you need help adapting an existing one? Far more information is needed to properly help.
Also note, that the elasticsearch version you are using is no longer in development and not even in maintenance mode. If you want to get bugfixes along with more features, you should switch to Elasticsearch 6.x.
Thank you so much for your time and response.
I need help adapting the existing one.
I have already set the watcher, Now i am looking for the total message(log message) as a body to send email.
The watcher currently i set is as follows:
curl -XPUT 'localhost:9200/_watcher/watch/auths_alert?pretty' -H 'Content-Type: application/json' -d'
{
"trigger" : {
"schedule" : {
"interval" : "5m"
}
},
"input" : {
"search" : {
"request" : {
"indices" : "filebeat-2018.04.17",
"body" : {
"size" : 0,
"query" : { "match" : { "message" : "authentication" } }
}
}
}
},
"condition" : {
"compare" : {
"ctx.payload.hits.total" : {
"gt" : 3
}
}
},
"actions" : {
"email_administrator" : {
"throttle_period": "15m",
"email" : {
"to" : "testemail@hotmail.com",
"subject" : "Encountered {{ctx.payload.hits.total}} errors",
"body" : "Too many Unknown error in the system, see attached data",
"priority" : "high"
}
}
}
}
'
It is working fine but i want it to elaborate more, So when i receive mail i also want total logs for that error in mail body.
In short in body of mail, we can view whole message.
Please help?
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.