How to show fild's contain throught connector log

Dariia_Hrebenichenko · June 12, 2025, 8:28am

Hello there!

I'm working on an alerting system.
I use Kibana connector log and Logstash to sand emails.

For now I have rule to show just a count of files, but I would like to see the contain of field.

For example, I have fields 'state' and 'filename'. My rule has filter by 'state' field when it is with 'error'. But it shows only the count ( like 5 errors for last 10 minutes).
I want to see contain of 'filename' field (when it is in error state).

Is there some options in Kibana to do that?

Thank you for any answers!

Tortoise · June 12, 2025, 9:59am

Hello @Dariia_Hrebenichenko

Welcome to the community.

This will return all the values of filename as per the records which qualify your rule

{
  "filename": "{{#context.hits}} {{_source.filename}} {{/context.hits}}"
}

If you just want to display the first value :


{
  "filename": "{{context.hits.0._source.filename}}"
}

Thanks!!

Dariia_Hrebenichenko · June 12, 2025, 1:27pm

Yes, thank you!

Also needed to use a good type of rule for that.

Topic		Replies	Views
How to include a field value in message body in Rules and Connectors? Kibana elastic-stack-monitoring , elastic-stack-alerting , detection-rules	1	16	June 12, 2025
Filter for field contains value in Dashboard Kibana	6	1930	March 7, 2022
Count within field Kibana	4	289	February 11, 2020
Filter logs with only DEBUG in them Kibana	3	1240	July 24, 2018
Displaying the application log data in Kibana - Log file content field is missing in Elasticsearch Elasticsearch	2	881	January 19, 2022

How to show fild's contain throught connector log

Related topics