I am trying to set up Watcher Slack notifications, but I have some questions that your documentation is not clear on.
According to this article I am supposed to use the keystore tool to add the account name and URL to the keystore, but how do I go about using the keystore tool? The example shows: bin/elasticsearch-keystore add xpack.notification.slack.account.monitoring.secure_url
Where and how do I run this command if our stack is in the cloud?
What is the syntax of this command when adding a setting? Is it bin/elasticsearch-keystore add xpack.notification.slack.account.monitoring.secure_url=https://hooks.slack.com/services/TOKEN ?
After this is all done, how do I proceed from here to get the notifications to Slack? Your documentation states:
Thank you, I got it working. I do however have another question for you. The Slack alert does not want to display the message when I use:
{{ctx.payload.hits.hits.0._source.agent.message}}
It works for the email and I can see the message, but it's not displaying anything in Slack. Is there perhaps another way to extract the message so that I can display it in Slack?