Skip to content

Escape '}' curly brackets in field results #1430

Closed Locked Answered by jertel
artemisent asked this question in Q&A
Discussion options

You must be logged in to vote

You can add an enhancement to the ElastAlert2 deployment, which will replace all problematic chars with something to avoid the problem. Ex: match['process.args'].replace("{", "_CURLY_"). The enhancement will execute and update the arg string before the alert attempts to format and send the email.

There may be other ways to solve it, such as escaping the curl braces.

Replies: 1 comment

Comment options

You must be logged in to vote
0 replies
Answer selected by jertel
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Category
Q&A
Labels
None yet
2 participants