Alert output formatting #94

Raksniru · 2021-04-27T04:03:11Z

Raksniru
Apr 27, 2021

type:fluent-bit-logs tags:_timestampparsefailure, _grokparsefailure stream:stderr
log:*1|ERRORServer handshake failed, err[remote error: tls: bad certificate] @Version:1
Pod:co @timestamp:Apr 27, 2021 @ 08:30:04.505
Namespace:default
Container_ID:con time:Apr 27, 2021 @ 08:30:04.456
_id:vaFEEXkBMG7H_dQ4_QSA _
type:doc
_index:cloud-2021.04.27 _score:

This is the standard format of log observed on kibana dashboard , there are many fields as mentioned above , but on my email or slack i want the elastalert to send only few fields data like , "log , pod , container" how can i filter out only those fields and get an alert

Answered by ferozsalam

Apr 27, 2021

The documentation here covers it.

View full answer

ferozsalam · 2021-04-27T07:39:43Z

ferozsalam
Apr 27, 2021
Collaborator

The documentation here covers it.

3 replies

Raksniru Apr 27, 2021
Author

Warning

Warning
output is like this

ferozsalam Apr 27, 2021
Collaborator

You also need an alert_text field.

Raksniru Apr 27, 2021
Author

got it thank you ,

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Alert output formatting #94

{{title}}

Replies: 1 comment 3 replies

{{title}}

{{title}}

{{title}}

{{title}}

Select a reply

Alert output formatting #94

Raksniru Apr 27, 2021

Replies: 1 comment · 3 replies

ferozsalam Apr 27, 2021 Collaborator

Raksniru Apr 27, 2021 Author

ferozsalam Apr 27, 2021 Collaborator

Raksniru Apr 27, 2021 Author

Raksniru
Apr 27, 2021

Replies: 1 comment 3 replies

ferozsalam
Apr 27, 2021
Collaborator

Raksniru Apr 27, 2021
Author

ferozsalam Apr 27, 2021
Collaborator

Raksniru Apr 27, 2021
Author