lief
February 5, 2020, 8:44pm
1
Hello,
I tried to set up some notifications related to a stream which log autentication failure on SSH
Here an example of a message that i received with the differents fields :
But when I received the mail the custom fields are empty :
Fields:
Do you know how to fix this ?
Regards
shoothub
February 6, 2020, 7:20am
2
Check my previous post about this topis:
Hello, syntax is the same also in latest version 3.1
Check if you setup correctly Message Backlog parameter in Alerts - Event Definitions - Edit - tab Notification, check field Message Backlog and set to 1. It’s a number of messages to be included in Notification, if 0 no field will be extracted in message.
I use for example this snippet after user connect to switch:
${if backlog}
${foreach backlog message}
User ${message.fields.username} connected to switch ${message.source} from IP ${me…
system
February 20, 2020, 7:26am
3
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.
