Hello,
I defined an Alert Rule with Connector email. I would like to have in the received email the particular message, for which we defined the condition. The field which I would like to see is message. I tried different ways/formats in the email message body to see the content of the message field, however it doesn't work. I tried the following formats:
Could you please help me to find out which format I should use to see the particular error message in the email? In all above cases the string was shown, not the content.
Thanks for the fast feedback.
We do use the Log threshold - maybe not he best choice, but is there a way to include this data in this rule type?
We can also try the ES Query.
I tried the ES Query and I have seen the required error message, so it works.
However, there was the whole content of the indices, so I tried to get a specific element, like {{context.hits.message}}
or {{context.hits.meta_json}}
but then no content was in email. Did I try it correctly? This element is not nested.
Hi @csaba.g ,
Although context.hits.message is available in the index, it is not as a variable to include in the alert message sent by email. The full list of context variables available for Log Threshold rule connectors is:
Thanks @emmma@gmmorris
I tried your syntax, however I still cannot see the particular message. There was a blank space in the e-mail. Do you have another idea, what can be wrong? Thanks
Are you sure the meta_json field is on the doc root itself?
One way to debug this is to dump the entire hits array into the email.
This is done by including the following:
{{#context.hits}}{{.}}{{/context.hits}}
This will iterate through each doc in the context.hits variable and dump the doc as is.
That way you can see exactly what fields are available and what their values are.
If I may use this round for another question:
We would like to also use the Jira connector. However there we can defne only the issue type, summary and additional comments. Is there a way to define another values, for example component? Thanks
I’m assuming you mean the component field under project?
I’m afraid this isn’t currently possible - the Jira connector is limited to those field specified in the UX.
Feel free to file a feature request in the Kibana repo and we’ll look into adding it into the Connector’s roadmap.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.