email Notification message problems

magic199 · July 15, 2024, 7:02am

Graylog version: v6.0.2

The following are the messages collected by Linux rsyslog forward to Graylog Server

2024-07-15 13:48:05.000 FS01
FS01 sshd[12670]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=10.1.2.50 user=test

I want the Source IP and User information to be displayed on the email Notification message

${foreach backlog message}

Host： ${message.source} Host IP： ${message.fields.gl2_remote_ip} Source IP：${message.rhost} User： ${message.user} Message： ${message}

Please tell me how to present this, thanks！

system · July 29, 2024, 7:03am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Mikrotik Log and email notification alert Graylog Central (peer support) alert	3	1855	January 18, 2022
Email notifications customization not working Graylog Central (peer support)	5	717	February 20, 2023
No message sources found Graylog Central (peer support)	6	1717	April 5, 2017
How to receive the notification with the source info Graylog Central (peer support)	1	741	January 22, 2019
Email Alerts w/ Additional Information Graylog Central (peer support)	8	871	January 26, 2021

email Notification message problems

Related topics