Logstash + TG

Hi there!
I try to set logstash.config to send alerts to telegram bot.
I added in output section http part and recreated logstash container, but still can’t get alerts. Locally from api alerts are working.
Logstash placed in k8s.
Any suggestions and personal experience very appreciated :pray:t3:
What setting and where i need to add? I didn’t find in internet any detailed instructions.

Thanks so much for reaching out, @TatianaKlimova91. Can you say a bit more about how you are sending the requests to Telegram? Do you have a code sample you can provide?

I have seen a few older posts on this topic as well that could be helpful:

Yes, i alreade have checked these posts, but unfortunately the suggestion there were not helpful:(
The example code og logstash.conf in pipline folder is:

input {
Some code }

filter {
Some code }

output {
elasticsearch plugin output {}
If “string pattern” in [log] {
http plugin { here some code for tg api which works ok from pod by curl request
url => “url here”
http_method => “post”
format => message
content_type => “application/json”
message => ‘{“chat_id”: “id here”, “text”: “text here”}’}

So, code pattern looks like this. I need to add that when i add http-input-plugin or exec-input-plugin with curl it works fine. The issue is only related with output http plugin.

Mb i missed something?

Telegram url should have the https connection which means you are missing cacert and ssl_verification_mode parameters.

1 Like

Okay, i ll check, thank you for advice!

Telegram uses public and know CAs, there is no need for it.

Can you change your output to a file and see if you are getting any events? If you are getting events with the file output, but not with the http output, then your issue may be in the configuration of the http output and you would probably have some logs in logstash logs.