I am working on ELK watcher to create an alert that sends an array of value transformed using 'transform' mapping.
"transform": {
"script": "return [ err_yest : ctx.payload.aggregations.errorcount.buckets.collect { [err_count:it.doc_count, list_errors: it.errs.buckets.collect{[emsg:it.key,emsc:it.doc_count]}] } ]"
},
Is there a way to print the array values in the body of email alert using any looping method? I tried groovy scripting, but got an error saying it's unsupported. All I could do is manually printing the values in array like below.
"body" : {
"html": "<table width='400px' border='1'><thead><tr><th colspan='4'>Error Messages</th></tr><tr><th colspan='2'>Yesterday</th><th colspan='2'>Today</th></tr></thead><tbody><tr><td>{{ctx.payload.err_yest.0.list_errors.0.emsc}}</td><td align='center'>{{ctx.payload.err_yest.0.list_errors.0.emsg}}</td><td>{{ctx.payload.err_yest.1.list_errors.0.emsc}}</td><td align='center'>{{ctx.payload.err_yest.1.list_errors.0.emsg}}</td></tr><tr><td>{{ctx.payload.err_yest.0.list_errors.1.emsc}}</td><td align='center'>{{ctx.payload.err_yest.0.list_errors.1.emsg}}</td><td>{{ctx.payload.err_yest.1.list_errors.1.emsc}}</td><td align='center'>{{ctx.payload.err_yest.1.list_errors.1.emsg}}</td></tr><tr><td>{{ctx.payload.err_yest.0.list_errors.2.emsc}}</td><td align='center'>{{ctx.payload.err_yest.0.list_errors.2.emsg}}</td><td>{{ctx.payload.err_yest.1.list_errors.2.emsc}}</td><td align='center'>{{ctx.payload.err_yest.1.list_errors.2.emsg}}</td></tr></tbody></table>"
},
You need to use Mustache templating
The syntax is something like this :
{{#ctx.payload.err_yest}} {{#list_errors}} {{emsc}} {{/list_errors}}{{/ctx.payload.err_yest}}
This will loop over all the objects in err_yest then loop over all the list_errors for a err_yest object and display esmc