Yelp / elastalert

Easy & Flexible Alerting With ElasticSearch
https://elastalert.readthedocs.org
Apache License 2.0

Empty message text in zoom (MAC OS) via incoming webhook #3291

Closed kga676 closed 10 months ago

kga676 commented 10 months ago

I am trying to send ElastAlert alerts to Zoom via http_post to the incoming webhook app. On Windows it works just OK; on Mac OS there is empty message text. BUT if I copy the message to the clipboard and paste it, the text is OK.

My alert rule

alert: post
http_post_url: "https://inbots.zoom.us/incoming/hook/My_chat_id_here?format=fields"
http_post_payload:
  message: message
http_post_headers:
  authorization: Bearer My token is here
http_post_proxy:
  http://my_proxy_is_here:and_port

Adding Content-Type: "application/json" does NOT work :(

kga676 commented 10 months ago

message example

[2023-09-07 11:36:49.000][ERROR][testLogger][-1][fsb-sf-consumer-prod][][ [2022-11-15 07:04:11.839][ERROR][r.f.f.i.t.TablesCapture#][49899390][fsb-sf-consumer-prod][][f = [аууу444444ууфвввв85]. messageId:49899390 messageType:ERROR moduleId:r.f.f.i.t.TablesCapture# r Zoom Thread Fail fail starvation or clock leap detected zoom ERROR Fail. Diff = [822222225]

kga676 commented 10 months ago

Solved. ?format=fields and JSON mapping were breaking everything. Working config:

alert: post
include: ["userId","message", "@timestamp"]
http_post_url: "https://inbots.zoom.us/incoming/hook/chat_id"
http_post_headers:
  authorization: Bearer toooooooooooooooken

and NO "http_post_payload"