Open eirsep opened 1 year ago
Thanks for adding this issue, @eirsep ! Can you please help identify where this information should go? Feel free to create a PR against the affected topic. I added @Naarcha-AWS as a collaborator, since he is currently working on security analytics content.
What do you want to do?
Tell us about your request. Provide a summary of the request and all versions that are affected. Security Analytics plugins creates detectors to run security rules on data. When rule is matched against documents findings and alerts are created. We allow users to configure alerts and notifications when such findings are created. The notification contains an option to add a message body with mustache templates to provide contextual variables for detector and underlying alerting monitor {{ctx.detector}} variable value looks like :
{_id=qVGldIkB0UfzAtaegDPc, _version=1, name=test-detector, enabled=true}
What other resources are available? Provide links to related issues, POCs, steps for testing, etc.
Similar to Alerting notification message mustache template variables https://opensearch.org/docs/latest/observing-your-data/alerting/monitors/#available-variables