Watcher email action: How to include search query in email body or attachment

eeivin · April 28, 2016, 6:32pm

I have the following email action

"actions" : {
"watcher_email" : {
"email": {
"account": "outlook_account",
"to": "'testUser@testDomain.com'",
"subject" : "Watcher Alert: {{ctx.payload.hits.total}} log entries --- severity: Fatal",
"body" : "Watcher "{{ctx.watch_id}}" Encountered {{ctx.payload.hits.total}} log entries, see attached data",
"attachments" : {
"incidentData.json" : {
"data" : {
"format" : "json"
}
}
},
"priority" : "high"
}
}
}

Is there a way to also include search query in email body or attachment?

Thank you for your help,
Eric

spinscale · April 29, 2016, 11:26am

Hey,

you cannot include the search query. however when you only want to include the term that searched for, you could put additional info in the metadata, which is part of the attachment data. You could even reuse that info in your query, by using a search template and referring to the metadata in the params.

--Alex

eeivin · April 29, 2016, 4:13pm

That's great. Thank you for your help.

Is there a way to insert a new line "\n" in the email "body" element?

Topic		Replies	Views
Include Fields in Watcher Email Alert Elasticsearch elastic-stack-alerting , painless	4	334	August 17, 2022
How to create a watch that email specific field from input index? Elasticsearch elastic-stack-alerting	18	6851	July 6, 2017
How to enchance the body text in email actions while using watcher in elasticsearch Elasticsearch elastic-stack-alerting	3	1175	June 7, 2019
Have watcher send several emails for payload with several search results Elasticsearch elastic-stack-alerting	6	3775	July 6, 2017
Watcher Configuration to print results in Email Elasticsearch elastic-stack-alerting	13	3458	July 25, 2018

Watcher email action: How to include search query in email body or attachment

Related Topics