I am using Service orchestration to Route incidents to different Services and want to define Custom Variable from source (default Pagerduty source) and replace CEF fields class, group and component using Regex RE2
(?i)(\\W|^)(credit)(\\W|$)
I am not getting event fields replaced here. Any reason. I am not using AIOps Pagerduty.
Source: raw_event.summary and event.summary
Hello @vaibhav nitturkar.
Are you able to provide an example event payload for testing purposes? You mask all internal data, I just need the pattern for the summary properties in raw_events and event. Feel free to send it through DM.
I assume the issue is not only with replacing event fields but also defining the custom variable, correct?
Hi @tiago barbosa I have send you a direct message.
I cannot find the JSON output from the alarm. The alarm is Splunk Email notification so should have a standard payload.
Yes both as I am unable to define custom variable as well as replace event fields.
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.