Getting value from splunk search result to Email Alert Message - email

I'm trying to get values from a Splunk search into an email alert message. My Splunk search query used to trigger an alert is resourceGroup="myResourceGroup" severity="Error" (simplified version). The output of the search looks like this:
{
msg: Error encountered will getting details from API
resourceGroup: myResourceGroup
severity: Error
sourceContext: SystemContext
success: false
}
Q1: How do I get the msg value from the search result in my email alert? Below is a screenshot of the Splunk Alert Email Message Box.
Q2: Say I wanted to send msg and sourceContext, is there a way to insert ONLY these fields into a custom table?

The first step is to extract the fields you want to use in the alert. A simple way to do that (if not already done) is with rex.
resourceGroup="myResourceGroup" severity="Error"
| rex "msg: (?<msg>[^\n}]+)"
| rex "sourceContext: (?<sourceContext>\S+)"
Then reference the fields within $ in the alert message.
Msg = $msg$
sourceContext = $sourceContext$

Related

Handle JSONParserErr with line_format

Hello, I have some log streams that unfortunately are a mix of both json and non-json items; e.g. (every line is a separate item):
{ msg: "User 'bob' logged in", noisy: "context", please: "ignore this attribute" }
{ msg: "User 'bob' called api endpoint /example/endpoint", noisy: "context", please: "ignore this attribute" }
Error reaching DB
Error reaching config server
{ msg: "User 'bob' logged out", noisy: "context", please: "ignore this attribute" }
In grafana I am using a query like this:
{ cloud="azure", pod="example-pod-blue-wlk92uw-a6e9l" }
| json
| line_format "{{.msg}}"
This successfully formats every json-formatted log item, but the non-json items do not appear
User 'bob' logged in
User 'bob' called api endpoint /example/endpoint
<error>
<error>
User 'bob' logged out
Here's what a bunch of sequential non-json-formatted lines look like in the grafana ui under this query:
I would like to see this information:
User 'bob' logged in
User 'bob' called api endpoint /example/endpoint
Error reaching DB
Error reaching config server
User 'bob' logged out
It feels like I need a way to say "parse as json and perform line_format, but if json parse fails just show the original line". Is there a way to do this? Thanks!
The following works (the UI still indicates there are json-parsing issues, but it at least shows the full message when these parsing issues occur). There are two parts to this:
Regex captures full message as named property
We can capture the full message under a named property (I'll call it "fullMsg") using the regexp directive:
{ cloud="azure", pod="example-pod-blue-wlk92uw-a6e9l" }
| regexp "(?P<fullMsg>.*)"
If/else/end block in line_format
The "msg" property will only exist if the json stage executed correctly. We'll say:
...
| line_format "{{if .msg}}{{.msg}}{{else}}{{.fullMsg}}{{end}}"
which will show fullMsg if msg doesn't exist (because json parsing failed)
Overall solution
{ cloud="azure", pod="example-pod-blue-wlk92uw-a6e9l" }
| regexp "(?P<fullMsg>.*)"
| json
| line_format "{{if .msg}}{{.msg}}{{else}}{{.fullMsg}}{{end}}"
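An added example (not part of the original answer and not Loki's own code): it runs the answer's line_format template through Go's text/template, the template language line_format uses, over constructed sample lines. The render function and its label map are a simplified, assumed model of the regexp and json stages; the same fallback also applies to a JSON line whose msg is missing or empty.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
	"text/template"
)

// The exact template string from the answer's line_format stage.
var lineFormat = template.Must(template.New("line").Parse(
	"{{if .msg}}{{.msg}}{{else}}{{.fullMsg}}{{end}}"))

// render is a simplified model of the pipeline (an assumption, not Loki code):
// the regexp stage always sets fullMsg, the json stage adds top-level string
// fields only when the line parses as a JSON object, then the template runs.
func render(line string) (string, error) {
	labels := map[string]string{"fullMsg": line}
	var obj map[string]interface{}
	if err := json.Unmarshal([]byte(line), &obj); err == nil {
		for k, v := range obj {
			if s, ok := v.(string); ok && k != "fullMsg" {
				labels[k] = s
			}
		}
	}
	var out strings.Builder
	if err := lineFormat.Execute(&out, labels); err != nil {
		return "", err
	}
	return out.String(), nil
}

func main() {
	// Constructed sample lines: valid JSON, plain text, JSON without msg.
	for _, line := range []string{
		`{"msg":"User 'bob' logged in","noisy":"context"}`,
		"Error reaching DB",
		`{"noisy":"context","please":"ignore this attribute"}`,
	} {
		rendered, err := render(line)
		if err != nil {
			panic(err)
		}
		fmt.Println(rendered)
	}
}
```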

Send a personalised email from a Google Form

I'm starting a new project. I have to send a confirmation email when someone purchases a book with my Google Form. By now, I can send an email when you complete the form but I can't put the name of the buyer and the number of books in the email. F.ex : Hello "John", you gonna receive your "3" books in a week.
I've tried something like this :
function sendEmail(e) {
var formreponse = e.responses;
var itemreponse = formreponse.getItemResponses();
var number= itemreponse[5].getResponse(); //because it's in the 5th columns of the spread sheets
var name= itemreponse[3].getResponse();
And then I just write a simple code like this
var TextToSend = "blablabla" + name + " blabla" + number + ".";
GmailApp.sendEmail(emailTo, subject, TextToSend, options);
But I've got an error message:
Cannot read property 'responses' of undefined.
And I don't know why!
It's very frustrating for me not to be able to finish this simple task.
Issues:
When running this function manually, through the editor, no event object is passed, and so e is undefined. You should not run this function manually.
responses is not a valid Event property of Form submit triggers.
Solution:
Install an onFormSubmit trigger, either manually or programmatically, so that the function will run automatically when the Form is submitted, and e will be populated.
Change e.responses to e.response:
var formreponse = e.response;
Reference:
Event Objects > Google Forms events > Form submit

If condition in Email Callback - Graylog Opensource

Anyone who has experience configuring the email callback on Graylog, please advise me on this case.
The logs that we receive have a field: protocol-id. Now I can use it in the email by using this syntax:
${message.fields.protocol-id}.
But the value of this field is a number. I want to change it to a string. For example:
if (protocol-id = 17) protocol-id = 'UDP'.
I tried the code below but I don't get anything:
${if ${message.fields.protocol-id}==17}Protocol-Attack: UDP
How can I solve this case?
You can create a stream which contains only those messages (e. g. by adding a stream rule "Field protocol-id must be equal to 17"), call it "Protocol-Attack: UDP", and then create an alert condition for this specific stream which will fire if there are any messages in this stream.

Editing Gateway Errors

How do you customize the Gateway Errors that pop up when a customer's credit card is declined.
Example would be "Payment transaction failed. Reason Gateway error: An error occurred during processing. Please try again."
We're using Authorize.net if that makes a difference. To clarify, we aren't looking to get rid of them, just modify the language in them.
Copy the file app/code/core/Mage/Paygate/Model/Authorizenet.php to local. Then find this (line 1334):
protected function _wrapGatewayError($text)
{
    return Mage::helper('paygate')->__('Gateway error: %s', $text);
}
and replace with this:
protected function _wrapGatewayError($text)
{
    if ($text == 'This transaction has been declined.') {
        $text = 'Custom message here.';
    }
    return Mage::helper('paygate')->__('Gateway error: %s', $text);
}
I know this is an old question, but I will leave this here for the future in case someone runs into this.
The _wrapGatewayError() method already uses a helper to output the message, so why not just translate the message?
Create (or edit) your localization/translation file in app/design/frontend/{package_name}/{theme_name}/locale/en_US/translate.csv. You can check the active package_name and theme_name in System / Configuration / Design (under 'General').
Add the messages you are changing to that file in this format: "Old text - message you want to change", "New message".
In your case, it will be something like this:
"Payment transaction failed. Reason Gateway error: An error occurred during processing. Please try again.", "Your custom message"
How it works: whenever a helper is used to output the "Payment transaction failed. ...", the system will find the translation file (translate.csv) and will change the message to your custom one.
Please don't modify core files. It creates a mess, interferes with patches, and makes debugging harder. You can extend them if you need to. See Overriding Magento blocks, models, helpers and controllers

Zend Validate, Display one message per validator

I am validating an email address using zend_validate_email.
For example, for the email address aa#aa it throws several error messages, including very technical ones describing a DNS mismatch (:S).
I am trying to make it display only 1 message that I want it to (for example: "Please enter a valid email").
Is there any way of doing it elegantly, apart from creating a subclass and overriding the isValid method, clearing out the array of error messages?
Thanks!
$validator = new Zend_Validate_EmailAddress();
// sets the message for all error types
$validator->setMessage('Please enter a valid email');
// sets the message for the INVALID_SEGMENT error
$validator->setMessage('Something with the part after the # is wrong', Zend_Validate_EmailAddress::INVALID_SEGMENT);
For a full list of errors and message templates see the Zend_Validate_EmailAddress class