Hello,

I would like to personalise my email alerts.
Currently, here is what I have set:

—[ALERTE]---------------------------

Un mauvais mot de passe a été forcé au moins 3 fois sur les 30 dernières secondes

${if backlog}
--- [Logs] ------------------------------------
${foreach backlog message}
Informations: ${message.fields.message}

Source : ${event.source}

Heure ${event.timestamp}
${end} ${end}

Here it is an alert in case several wrong passwords have been entered
Currently only the time field returns a value… how can I get a value with the wrong username? My information and source fields are not working… thanks

Translated with DeepL Translate: The world's most accurate translator (free version)

Hello @tco

First , please use the markdown when posting Codes/Logs/Configuration files shown here

Second, your macros are incorrect in this section of the Notification file.

It should be like this.

Source: ${message.source}

Heure:  ${message.timestamp}

if you have other fields that are needed and are NOT default fields, you need to set them like this example:

Users: ${messages.fields.users}

bonjour,

merci pour votre réponse

j’ai configuré comme ceci mais je n’ai pas de retour dans le champ source :

—[ALERTE]---------------------------

Le journal d'audit a été effacé volontairement

${if backlog}
--- [Logs] ------------------------------------
${foreach backlog message}
Information: ${message.fields.full_message}

Source: ${message.fields.source}

Heure: ${message.timestamp}
${end} ${end}

i tried ${messages.fields.sources} et ${messages.sources}

here is the content of the source field I would like to display

Hi,

you used messages:

Try it with only message:

${message.source}

@tco

I showed this earlier.

it works for me

thank you

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.