标签: elastalert
我有遵循此模板{trans_id, sub_trans_name, timestamp}
{trans_id, sub_trans_name, timestamp}
{trans_1, "Queued", "1:00 am"} {trans_1, "Assigned", "2:00 am"} {trans_1, "Completed", "3:00 am"}
我想用警报消息进行通知 trans_1已在1:00 am排队,在2:00 am分配,在3:00 am结束
我该如何实现?