{
"trigger": {
"schedule": {
"interval": "10s"
}
},
"input": {
"search": {
"request": {
"indices": ["your-index-name"],
"body": {
"query": {
"bool": {
"must": [
{
"range": {
"@timestamp": {
"gte": "now-10s"
}
}
},
{
"term": {
"event_type": "your_event_type"
}
}
]
}
},
"sort": [
{
"@timestamp": {
"order": "desc"
}
}
]
},
"size": 100
}
}
},
"condition": {
"compare": {
"ctx.payload.hits.total": {
"gt": 0
}
}
},
"actions": {
"send_webhook_foreach": {
"foreach": "ctx.payload.hits.hits",
"max_iterations": 100,
"webhook": {
"method": "POST",
"url": "http://your-webhook-url",
"body": """
{
"event_id": "{{ctx.payload._source.event_id}}",
"timestamp": "{{ctx.payload._source.@timestamp}}",
"user": "{{ctx.payload._source.user}}",
"action": "{{ctx.payload._source.action}}",
"details": {{#toJson}}ctx.payload._source.details{{/toJson}}
}
""",
"headers": {
"Content-Type": "application/json"
}
}
}
}
}
뜨개질하는 개발자