Kibana Watcher暂停通话,导致400
我已经设置了Kibana watcher,当条件满足时,它应该向通道发送一条松弛消息。Watcher似乎工作得很好,它能够查询日志、获取点击、准备有效负载以便将消息发布到Slack channel。但是对slack的调用会导致400错误(无效有效负载),而当通过postman尝试相同的有效负载时,似乎没有问题。(唯一的区别是在Kibana watcher中,slack POST调用的body json被认为是字符串,而在尝试通过postman时,我必须使用解析的json对象) 观察者行动:Kibana Watcher暂停通话,导致400,kibana,slack,slack-api,kibana-4,
elasticsearch-watcher,Kibana,Slack,Slack Api,Kibana 4,
elasticsearch Watcher,我已经设置了Kibana watcher,当条件满足时,它应该向通道发送一条松弛消息。Watcher似乎工作得很好,它能够查询日志、获取点击、准备有效负载以便将消息发布到Slack channel。但是对slack的调用会导致400错误(无效有效负载),而当通过postman尝试相同的有效负载时,似乎没有问题。(唯一的区别是在Kibana watcher中,slack POST调用的body json被认为是字符串,而在尝试通过postman时,我必须使用解析的json对象) 观察者行动: "c
"condition": {
"compare": {
"ctx.payload.hits.total": {
"gt": 0
}
}
},
"actions": {
"send_trigger": {
"throttle_period_in_millis": 60000,
"transform": {
"script": {
"source": "def payload = ctx.payload; def msgData = ctx.payload.hits.hits.0._source.message.replace('\"', ''); msgData = msgData.replace('\\', ''); payload.msg = msgData; return payload;",
"lang": "painless"
}
},
"webhook": {
"scheme": "https",
"host": "hooks.slack.com",
"port": 443,
"method": "post",
"path": "/services/********/*********/******************",
"params": {},
"headers": {
"Content-type": "application/json"
},
"body": "{\"channel\": \"alert-channel-name\",\"username\": \"slackKibanaUser\", \"attachments\": [ { \"color\": \"danger\", \"title\": \" Alert Title For Event Occurance \", \"title_link\" : \"https://kibana.whatever.biz.com/app/kibana\", \"text\": \" *Detail:* \n ``` {{ ctx.payload.msg}} \n ``` \", \"fields\": [ {\"title\": \"Traceid\", \"value\": \"`{{ ctx.payload.hits.hits.0._source.traceId}}`\", \"short\": true}, { \"title\": \"Environment\", \"value\": \"{{ctx.payload.hits.hits.0._source.fields.environment}}\", \"short\": false }], \"footer\": \"{{ctx.payload.hits.hits.0.fields.environment}}\", \"footer_icon\": \"https://platform.slack-edge.com/img/default_application_icon.png\" }]} "
}
}
}
观察者错误中记录的响应:
"reason": "received [400] status code",
"webhook": {
"request": {
"host": "hooks.slack.com",
"port": 443,
"scheme": "https",
"method": "post",
"path": "/services/********/*********/******************",
"headers": {
"Content-type": "application/json"
},
"body": "{\"channel\": \"alert-channel-name\",\"username\": \"slackKibanaUser\", \"attachments\": [ { \"color\": \"danger\", \"title\": \" Alert Title For Event Occurance \", \"title_link\" : \"https://kibana.whatever.biz.com/app/kibana\", \"text\": \" *Detail:* \n ``` 2020-05-28T00:00:00.000Z\tsome-random-numbers \tERROR\tInvoke Error\t{errorType:MyCustomError,errorMessage:{\\errorMessage\\:\\Something went wrong while processing : More error details goes here.\\,\\payload\\:\\[id=undefined, key1=value1, key2=value2, timestampRecorded=12/10/2019, 02:00:00, timestampActual=12/10/2019, 01:59:00, key3=value3, key4=v:a:l:u:e:4, key5=v:a:l:u:e:5]\\},name:MyCustomError,stack:[MyCustomError: {\\errorMessage\\:\\Something went wrong while processing : More error details goes here.\\,\\payload\\:\\[id=undefined, key1=value1, key2=value2, timestampRecorded=12/10/2019, 02:00:00, timestampActual=12/10/2019, 01:59:00, key3=value3, key4=v:a:l:u:e:4, key5=v:a:l:u:e:5]\\}, at Runtime.exports.functionOne (/var/task/index.js:49:9)]} \n ``` \", \"fields\": [ {\"title\": \"Traceid\", \"value\": \"``\", \"short\": true}, { \"title\": \"Environment\", \"value\": \"test-env\", \"short\": false }], \"footer\": \"\", \"footer_icon\": \"https://platform.slack-edge.com/img/default_application_icon.png\" }]} "
},
"response": {
"status": 400,
"headers": {
...
"referrer-policy": [
"no-referrer"
],
"connection": [
"keep-alive"
],
"content-type": [
"text/html"
]
},
"body": "invalid_payload"
}
}
而如果我使用上面相同的body字段,将其解析为json,并使用postman进行post调用,我将得到200个Ok响应,消息将发布到slack channel。不知道我错过了什么