Hello!!
I'm using the watcher to send notifications. For example, an email notification. I would like to include value of Key-Values on email notification.
Practical case example,
I have a watcher that firing when found on a "Down" value on a "status" Key-value.
When watcher it's firing I would like to include content on "server-name" Key-value on email notification.
Is it possible to do it? How?
With {{ctx}} i cannot do it. I only can include for example how many coincidences "Down" I have ({{ctx.payload.hits.total}}).
I am not sure I understand the question fully from your description, so maybe this answer is misleading.
First, whatever is returned as part of your input (be it a search or a HTTP request), can be used in the content when sending an email. ctx.payload includes all your search results.
From what I read the best way forward would be to create a query that contains the proper data. In your case I assume you would like to know all the hosts within a timerange that have a down event - this means, you need to write a query filtering by time range and down event and then aggregate on the hostname, so that you get a list of hosts as part of the aggregations.
You can then access ctx.payload.aggregations fields and extract the hosts that were found to be down.
A good way to get started with these kind of things is to check out the examples repo
Alex, thanks for all. My problem was because size was with value '0'.
When you change this value to '1', on the feedback he include first mach.
If you put for example, "size" : "10" on "attached_data" I have 10 first maches.
Now at email notification, for example, with next code, I receive the timestamp for the first mach.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.