Hello everybody! Firstly, I’d like to thank the developers for such a flexible product. Thanks a lot!
Here is the case:
I’m sending Winlogbeat logs from Windows and want to be alerted on some events. Here is my “Alert message”:
Alert Description: ${check_result.resultDescription}
Date: ${check_result.triggeredAt}
Stream title: ${stream.title}
Stream description: ${stream.description}
Alert Condition Title: ${alertCondition.title}
${if backlog}Last messages accounting for this alert:
${foreach backlog message}
${message}
${message.message}
${message.fields.fulL_message}
${end}${else}<No backlog>
${end}
Here is the alert as received:
Alert Description: Dummy alert to test notifications
Date: 2018-03-28T07:22:48.879Z
Stream title: All messages
Stream description: Stream containing all messages
Alert Condition Title:
<No backlog>
Problems:
- Time is not proper. Actually it should be “Date: 2018-03-28T10:22:48.879Z”
- Alert Condition Title is blank, both in English and in Russian.
- I want to get the full message field, but I am always getting <No backlog> output. (Do not look at the Dummy alert; there is no difference which condition is triggered.)
How could I configure this?
Sorry if these are silly questions.
Thanks in advance!