diff --git a/elastalert/alerts.py b/elastalert/alerts.py
index 635550533..cb0dc654e 100644
--- a/elastalert/alerts.py
+++ b/elastalert/alerts.py
@@ -4,7 +4,6 @@
 import json
 import logging
 import os
-import re
 import subprocess
 import sys
 import time
@@ -2126,12 +2125,13 @@ def get_aggregation_summary_text(self, matches):
 
     def create_artifacts(self, match):
         artifacts = []
+        context = {'rule': self.rule, 'match': match}
         for mapping in self.rule.get('hive_observable_data_mapping', []):
             for observable_type, match_data_key in mapping.iteritems():
                 try:
-                    artifacts.append(AlertArtifact(dataType=observable_type, data=match_data_key.format(**{'rule': self.rule, 'match': match})))
+                    artifacts.append(AlertArtifact(dataType=observable_type, data=match_data_key.format(**context)))
                 except KeyError:
-                    raise KeyError('\nformat string\n{}\nmatch data\n{}'.format(match_data_key, {'rule': self.rule, 'match': match}))
+                    raise KeyError('\nformat string\n{}\nmatch data\n{}'.format(match_data_key, context))
         return artifacts
 
     def create_alert_config(self, match):
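Review bot: The `except KeyError` branch of create_artifacts still interpolates the whole `context` (the full rule dict plus the match document) into the exception text, so everything stored in the rule ends up wherever this exception is logged; whether the rule also carries TheHive connection settings or an API key is not visible in this hunk and should be checked. Name the offending format string and the available match keys instead, e.g. `raise KeyError('hive_observable_data_mapping: {!r} references a key missing from the match; available keys: {}'.format(match_data_key, sorted(match)))` (assuming `match` is a dict). Because `rule` is passed to `str.format`, a mapping value can reference any rule field and copy it into an observable that leaves with the alert, so a comment above the `format(**context)` call such as `# format strings come from rule config and can read every field of rule and match` would make that trust assumption explicit. `str.format` can also raise IndexError, AttributeError or ValueError on a malformed mapping, and this handler lets those through without saying which mapping entry failed.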