Hi All,
I want to add a custom alert fields in to a slack message.
With the events the following fields are added as an example
Severity
Technique
In my slack message, i have the following setup in the notification with a backlog of 1
This alert indicates that a security event occurred that requires investigating.
EventTechnique: message.fields.Technique
Event Severity: message.fields.Severity
The full details are appended to this message
###########
Alert Description: {check_result.resultDescription}
Host Affect: message.source
Time: message.timestamp
Date: {check_result.triggeredAt}
Alert Condition Title: {alert_condition.title}
{if stream_url}Stream URL: {stream_url}{end}
Triggered condition: ${check_result.triggeredCondition}
###########
{if backlog}Last messages accounting for this alert: {foreach backlog message}${message}
{end}{else}
${end}
When i get the slack alert the fields are not populated?
Any help
Cheers Jake