elasticsearch Logstash Slack插件配置问题,elasticsearch,logstash,slack-api,logstash-configuration,elasticsearch,Logstash,Slack Api,Logstash Configuration" /> elasticsearch Logstash Slack插件配置问题,elasticsearch,logstash,slack-api,logstash-configuration,elasticsearch,Logstash,Slack Api,Logstash Configuration" />
Fatal编程技术网

elasticsearch Logstash Slack插件配置问题

logstash

elasticsearch Logstash Slack插件配置问题,elasticsearch,logstash,slack-api,logstash-configuration,elasticsearch,Logstash,Slack Api,Logstash Configuration,我正在尝试将Logstash Slack插件用于此配置: slack { url => "..." channel => ["..."] attachments => [ {"color" => "#36a64f"},{"title" => "This is a title %{title}"},{"author_name" => %{name}} ] } 但是当我收到带有附件的消息时,颜色设置不正确,变量值title和name显示为%{titl

我正在尝试将Logstash Slack插件用于此配置:

slack {
  url => "..."
  channel => ["..."]
  attachments => [ {"color" => "#36a64f"},{"title" => "This is a title %{title}"},{"author_name" => %{name}} ]
}
但是当我收到带有附件的消息时,颜色设置不正确,变量值
title
name
显示为
%{title}
%{name}

有人成功配置了这个插件吗?正确的设置应该是什么?

我的Grok过滤器是:

 grok {
        match => ["message", "%{TIMESTAMP_ISO8601} Thread:'(?<thread>[^']+)' Level:'%{LOGLEVEL:log-level}' Message:%{GREEDYDATA:information}"]
注意:附件仍然不起作用\n也不会断开该行,它只是以松弛方式显示为\n

我的错误消息记录了大量的多行文本,所以我真的很想做这样的事情,当然这是行不通的:

slack
        {
           url => "https://hooks.slack.com/services/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"
           format => "%{log-level} at %{@timestamp} on %{type} with IP:%{host}"
           attachments => "Message: %{information}"
        }
见:

->“今天的变通办法”->换行符:使用实际的换行符

使用logstash-5.5.0+logstash-output-slack-2.0.3测试和验证您是否能够解决此问题。我也面临同样的问题。谢谢 
slack
        {
           url => "https://hooks.slack.com/services/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"
           format => "%{log-level} at %{@timestamp} on %{type} with IP:%{host}"
           attachments => "Message: %{information}"
        }