Kibana Alerting - Index Action

Im a new ELK user taking advantage of the open source/free release due to budget constraints of COVID-19. I'm using the new open sourced kibana actions and alerts. I was wondering if it is possible to change what data is included in "context.message" for the index action. When creating a basic alert from the Uptime page. It can include the context.message. This includes the monitor.group i believe which in turn makes the message say "Monitor status: Down for icmp-" It would be nice to include IP info, hostname, etc. instead of this randomly defined group name.

Is it possible to change what Kibana includes in the context.message from the heartbeat index?

Also is there a timeline on releasing the email option for free? This is a pretty basic one. I'd rather not have to write a custom script to monitor an index and run a mail command..

Hi @David_McMurray Welcome to Elastic Discuss forum, i am glad you are taking advantage of free and open ELK platform.

Unfortunately there is no way at the moment to change context.message content. But good news is that we have already implemented the feature in PR https://github.com/elastic/kibana/pull/74659

It will be shipped with 7.10 and you will be able to include the fields you desire in your alert message.

Regards

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.