cvtienhoven / graylog-plugin-aggregates

Aggregates plugin for Graylog
https://marketplace.graylog.org
GNU General Public License v3.0

Custom notification message #41

Closed knightsg closed 6 years ago

knightsg commented 6 years ago

Thanks for the plugin, it's a feature I was surprised was missing from Graylog so it's been useful to find your work.

I do have one small issue that's come up though. I set up an aggregate rule that alerts based on the same value of a field being matched x times, and when it sends the notification it just says, "the same value of field 'example_field' occurs x times in y minutes".

This is not very informative for us as it would be much better if it contained the actual value of the field that was matched multiple times. Instead, we have to log into our Graylog server which involves connecting to a VPN, something that's not so easy on a phone out in the field.

Is there any way to customise the alert messages? It would be very helpful to be able to do so.

Thanks, Guy

cvtienhoven commented 6 years ago

This will be resolved in #35. Not the customization of the message, but the implementation of a separate Email Alarm Callback that contains a table with values + number of occurrences.

knightsg commented 6 years ago

Great! Thanks for the update.