How to exclude the "Time" field for monitors that send to Webhooks?

Follow
Avatar
Ben Lei
  • Edited

Right now, our alerts to slack are:

[{"date":"2020-06-03 23:17:28.017","msg":"<my message>","Time":1591226248017}]

how do i exclude the "time" field?

 

current sumologic query looks similar to:

_sourceCategory=<category>
| parse ": *" as msg
| fields -_raw, _sourceCategory, _collector, _sourceHost, _sourceName,_receiptTime

but the "Time" is still present

0

Comments

1 comment

Sort by Date Votes
  • Avatar
    Harinder Bhandari

    You can use Webhook payload variables in the JSON payload object to send the fields you want to your webhook. If you need to use custom field, you can use {{Results.fieldname}} to customize your payload.

     

    0
    Comment actions Permalink

Please sign in to leave a comment.

Didn't find what you were looking for?

New post