Email notifications fileds

natan.golzman · July 13, 2020, 7:53am

Hi Guys
In the email notification body template-
How can I filter the alert extractor fields in the message?

(if I want to include only specific extractor in the alert notification rather receive the all message)

Many Thanks!

Labidi · July 13, 2020, 9:42am

Hi,
check this please

natan.golzman · July 13, 2020, 11:27am

Thanks!
But in my case the trigger is working as expected and I getting the event through email.

I want to filter the email body only to have certain fields .

dleguizamon · July 13, 2020, 8:38pm

You will need to write your own template. Link below has all information required. It seems you should be looking at the backlog section.

https://docs.graylog.org/en/3.3/pages/alerts.html#notifications

First you need to enable backlog on the alert itself and set it to whatever amount of logs you want to display on your notification. Then on your template in the foreach loop going thru your backlogs you can write things like:

Log timestamp: ${message.timestamp}
Log source: ${message.source}
Log fieldX: ${message.fields.fieldX}
Log fieldY: ${message.fields.fieldY}

natan.golzman · July 14, 2020, 11:53am

dleguizamon- Thank you so much!!
It did the magic!

system · July 28, 2020, 11:58am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Notification mesage filter Graylog Central (peer support)	8	700	December 23, 2019
Graylog notifications - Email body trouble Graylog Central (peer support)	3	989	April 3, 2019
Extractors value in body of notifications Graylog Central (peer support)	3	1684	January 29, 2020
Email Alert Notification Graylog Central (peer support)	6	1160	August 3, 2020
Notification "Body Template" and input extractors Graylog Central (peer support)	6	2419	September 19, 2019

Email notifications fileds

Related topics