Open ghost opened 5 years ago
Plust 1, just configured alerts for a bunch of developers and they can't find the related message and therefore rendering alerts useless.
Any eta on when this could be fixed? Or a temporary workaround without developers needing to know which index graylog is at?
Any new on this?
Just been making improvements to my alert notifications and this is definitely a feature that would make a big improvement.
I have found a way to include links within notification emails. I have only tested this on messages that are in a single index however, I don't think it will work if a message is in multiple indices.
Including the below inside the backlog iteration of your notification email should provide a functioning link to the message(s) which triggered the alert.
http://<GRAYLOG_HOST>/messages/${message.index}/${message.id}
I have also added this work around to the initial comment on this issue.
It is likely this PR could help with this problem as they normalize parameters across plugins/pages. https://github.com/Graylog2/graylog2-server/pull/7177
We have tried using the suggested workaround for slack notifications but always getting an exception: com.floreysoft.jmte.message.ParseException: Error while parsing 'msg.index' at location (5:49): Property 'index' on object ... [message truncated]
Here is our notification template:
${if backlog}Last messages accounting for this alert: ${foreach backlog msg}${graylog_url}/messages/${msg.index}/${msg.id} ${if msg.fields.app}app: ${msg.fields.app}${end} ${msg.message} ${end}${else}<No backlog> ${end}
The issue is only with msg.index. Everything works fine if index is hardcoded.
Any ideas why the index property is not accessible? Thanks, any help is appreciated.
@kkonstantin42 What version of Graylog are you running? As mentioned in the original post, I only tested this solution on:
@Nihlander we are using Graylog 4.0.1
Tested, it works. Change to your server IP.
############################ [Message]##############################################
${if backlog}Detail message hyperlink: ${foreach backlog msg}http://10.145.204.85:9000/messages/${msg.index}/${msg.id}
${end}${else}
#############################[Message]######################################################
Proposed Functionality
It would be great to be able to include the Permlink to messages within the Alert Notifications. If the Permlink was made available in the same way as
message.source
and the other values, that would work well with the current implementation of iterating over messages in the backlog in order to include that data within the alert message.Current Behavior
Currently unable to link to messages which have triggered alerts. As far as I am aware, we are currently only able to include a link to the stream which the triggering message is in.
Possible Solution
Make the Permlink value of a message available through a similar method as other message content.
Work Around
This workaround has been tested on:
Including the below inside the backlog iteration of your notification email should provide a functioning link to the message(s) which triggered the alert.
http://<GRAYLOG_HOST>/messages/${message.index}/${message.id}
Warning: This has only been tested on messages stored in a single index.
Context
Being able to receive an alert, view the details in the email and provide a link to the exact message that has caused the alert can increase response and resolution time to alerts.
Your Environment