Is it possible not to display rule name in ElastAlert alerts?

Question

I'm using a custom rule with a custom alerter that writes the alerts in a text file, and i'd like not to have the name of the rule written before alerts, given that only that specific rule will write in this file.

Is there any option to only write the rule type text or the alert text ?

Or something to create my own alert text type ? Ideally i'd like my alert texts to be only the ruletype_text

score 0 · Answer 1 · edited May 23 '17 at 12:31

0

Please refer to my question here it might help.

The answer in above question links to this Documentation of elastalert, there are some arguments which you can specify in your rule to filter the alert data.

OR try playing with the name of the rules files (alert.yaml or __.yaml)This is just a guess though.

edited May 23 '17 at 12:31

Community

1
1

answered May 04 '16 at 20:35

XOR-Manik

493
1
4
19

Is it possible not to display rule name in ElastAlert alerts?

1 Answers1