Request: http Notification template

Would it be possible to have a template for the HTTP Notification, like the email template ?
It would be perfect if that that was possible.
It would make it sooo much more flexible…
It is more difficult to do the translation on the receiving side…
Something like:
Custom Headers: …

${foreach event.fields field}  <FIELD>${field.key}</FIELD> <VALUE>${field.value}</VALUE>
${foreach backlog message}

That would be awesome.

1 Like

Hello @jra, it looks like there’s a feature request open for this already.

Feel free to tack on!


Not quite…
The one you are referencing is to make it an HTML template for mail working correctly.

This request is to make it possible to make a custom body and headers for an HTTP push notification.
Currently it only supports a fixed HTTP POST Body…

From the help file:
HTTP alert notification
The HTTP alert notification lets you configure an endpoint that will be called when the alert is triggered.

Graylog will send a POST request to the notification URL including information about the alert. The body of the request is the JSON encoded data described above.

Here is an example of the payload included in a notification:

  "event_definition_id": "this-is-a-test-notification",
  "event_definition_type": "test-dummy-v1",
  "event_definition_title": "Event Definition Test Title",
  "event_definition_description": "Event Definition Test Description",
  "job_definition_id": "<unknown>",
  "job_trigger_id": "<unknown>",
  "event": {
    "id": "NotificationTestId",
    "event_definition_type": "notification-test-v1",
    "event_definition_id": "EventDefinitionTestId",
    "origin_context": "urn:graylog:message:es:testIndex_42:b5e53442-12bb-4374-90ed-0deadbeefbaz",
    "timestamp": "2020-05-20T11:35:11.117Z",
    "timestamp_processing": "2020-05-20T11:35:11.117Z",
    "timerange_start": null,
    "timerange_end": null,
    "streams": [
    "source_streams": [],
    "message": "Notification test message triggered from user <admin>",
    "source": "000000000000000000000001",
    "key_tuple": [
    "key": "testkey",
    "priority": 2,
    "alert": true,
    "fields": {
      "field1": "value1",
      "field2": "value2"
  "backlog": []

Good point. You should make a new feature request on GitHub for this.

:sunglasses: Will do…


1 Like

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.