Hello, I’ve GrayLog 2.4 working as expected but I need to customize the E-Mail subject in order to get the below desired setup, I want to Include only the Source, Conditions’ Tile & Device Host-name highlighted below. Ex. 10.15.2.22 | RMS-SW-S9306-03 | LoopDetected Below is a SNAP from the email…

Correct one will be (sorry for previous post, editor broke some characters): ${foreach backlog message}${message.fields.hostname}${end}

How to customize Graylog message notification subject

shoothub (Shoothub) July 7, 2020, 7:23am 11

Try to use this GROK extractor (grok pattern) for message field:

%{MONTH} +%{MONTHDAY} %{YEAR} %{TIME} %{HOSTNAME:hostname}

And check Named captures only
This way you extract only hostname to field hostname.

1 Like

Topic		Replies	Views
Add the event source to the subject of an email notification Graylog Central (peer support)	8	4427	December 18, 2019
Adding source message to Notification Graylog Central (peer support)	2	1945	December 6, 2019
Alert: logID + log content Graylog Central (peer support)	2	443	January 2, 2020
Email Variabls to display HOSTNAME, IP, PROCESS, etc Graylog Central (peer support)	9	2159	July 2, 2019
Alert Notification Email Subject Modification Graylog Central (peer support)	3	972	May 27, 2019