How to remove _id, _index, _type, num_matches, num_hits and @timestamp from an ElastAlert rule email

Tags: email, elasticsearch, elastic-stack, elk

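Below is what I receive in my Gmail inbox. I want to remove _id, _index, _type, num_matches, num_hits and @timestamp; I only want the message to be included in my mail every time it triggers.

Below is what arrives in the Gmail inbox: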

@timestamp: 2021-05-24T11:16:06Z
_id: 2S0WnnkBz7SOxaiw1TZk
_index: logstash-2021.05.24
_type: _doc
message: <30>May 24 11:16:06 fx-prod-1 prod_fx-control-plane.1.knel5yam 2021-05-24 11:16:06.926 INFO 1 --- [nio-8080-exec-9] com.fxlabs.fxt.rest.run.RunController : Find Latest by job id [8a8089ba777311370177734530902ec8] org [8a8081066e02d6a2016e04eacd2005c7] principal [8a808155647d283a01647d7c5e0d07ba]
num_hits: 8
num_matches: 1
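
I have installed ELK on my laptop, and after that I configured ElastAlert to trigger an email for issues like this coming into the Docker container, so it triggers an email that is sent to my Gmail account. I set up the rules.yml file in the ElastAlert Kibana plugin, and then it sends an email. You can see the email; the things I want to remove from it are the ones I have already mentioned above. Only the message should be shown in my email when it triggers. How do I do that?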

# Alert when the rate of events exceeds a threshold

# (Optional)
# Elasticsearch host
# es_host: elasticsearch.example.com

es_host: elasticsearch.test.com
# (Optional)
# Elasticsearch port
#es_port: 14900
es_port: 9200

# (Optional) Connect with SSL to Elasticsearch
#use_ssl: True

# (Optional) basic-auth username and password for Elasticsearch
#es_username: someusername
#es_password: somepassword
es_username: testelastic
es_password: xxxx


# (Required)
# Rule name, must be unique
name: Exception Alert

# (Required)
# Type of alert.
# the frequency rule type alerts when num_events events occur with timeframe time
#type: blacklist
type: any
include: ["message"]

# (Required)
# Index to search, wildcard supported
#index: logstash*
index: filebeat*

# (Required, frequency specific)
# Alert when this many documents matching the query occur within a timeframe
#num_events: 1

# (Required, frequency specific)
# num_events must occur within this amount of time to trigger an alert
timeframe:
#  hours: 1
#  minutes: 1
  seconds: 1

#compare_key: "message"

#blacklist:

#- "error"

realert:
  minutes: 5

# This sends out all matches in one email
# aggregation:
#  minutes: 1

#  seconds: 0
#filter:
#- term:
#    message: "[error]"

#filter:
# - match:
 #   message: "job"

filter:
 - query:
      query_string:
 #       query: "message: exception AND  message: control"
        query: "message: job"
#filter:
#- query:
#   query_string:
#    query: "message: error"

alert:

- "slack"
- "email"


#- slack
slack_webhook_url: "https://hooks.slack.com/services/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"
#slack_username_override: "ElastAlert"
slack_username_override: "Mohd Rashid"

#- email
email: ["rashidmd777@gmail.com"]
smtp_host: "smtp.gmail.com"
smtp_port: "587"
from_addr: "rashidmd777@gmail.com"
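
Added example, not part of the original post: a rule fragment that uses ElastAlert's `alert_text`, `alert_text_args` and `alert_text_type` options so that the email body carries only the `message` field. It assumes the matched document has a `message` field, as in the email shown above, and is meant to be placed in the same rule file.

```yaml
# Added example, not from the original rule file.
# Without these options the alert body lists the fields of the matched
# document, which is where @timestamp, _id, _index, _type, num_hits and
# num_matches in the email come from.

# Build the body from a template instead of listing the match fields.
alert_text_type: alert_text_only   # body is alert_text only, no match fields appended
alert_text: "{0}"                  # Python str.format template for the body
alert_text_args: ["message"]       # {0} is filled from the match's "message" field
```

Limiting the body to the one field needed also keeps index names and document ids out of mailboxes and chat channels that receive the alert.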