x-package的监控还是很强大的,但是对于告警内容的二次过滤和开发能力较弱。某些情况下,我们可能需要将数据拿出来,和我们自己开发的数据处理平台对接,对数据进行清洗之后发送告警信息给管理员。
默认从ctx.payload拿到的数据是一种很奇怪的格式,我们可以通过toJson将数据转换成标准JSON格式进行解析。
{
"trigger": {
"schedule": {
"interval": "1m"
}
},
"input": {
"search": {
"request": {
"search_type": "query_then_fetch",
"indices": [
"5ag-access-info*"
],
"types": [],
"body": {
"query": {
"bool": {
"must": {
"match": {
"statusCode": 500
}
},
"must_not": [
{
"match": {
"requestURI": "/prst"
}
},
{
"match": {
"requestURI": "/eep/api/weixin/getAcode"
}
},
{
"match": {
"requestURI": "/xsh/es-service/skuProduct/extendedWarrantyList"
}
}
],
"filter": {
"range": {
"@timestamp": {
"from": "{{ctx.trigger.scheduled_time}}||-10000m",
"to": "{{ctx.trigger.triggered_time}}"
}
}
}
}
}
}
}
}
},
"condition": {
"compare": {
"ctx.payload.hits.total": {
"gt": 0
}
}
},
"actions": {
"notify-slack": {
"slack": {
"message": {
"to": [
"9581033544@chatroom"
],
"text": "{{#toJson}}ctx.payload{{/toJson}}"
}
}
}
}
}