Hello,
We’re having ElasticSearch as a Data Source and using alerting. But the notification messages in the Slack is not dynamic, i need to take some information from Grafana Data source response, and put it to notification messages.
So seems i need to do something with annotations. But i tired lots of configurations, i got [no-value].
For example the response from Elasticsearch DataStore is:
{ "@timestamp": [ "2025-03-06T15:48:50.938Z" ], "@version": "1", "_id": "X9QlbJUBZp0XDkooLvSV", "_index": "dc-network-2025.03.06", "_type": null, "facility": "189", "fields": { "app_id": "network", "log_type": "network", "source": "shipper", "team_name": "dc" }, "group": "%VSHD-5-VSHD_SYSLOG_CONFIG_I", "highlight": null, "host": "10.234.2.205:GCNNET01B", "message": "Configured from vty by master on 10.230.4.180@pts/3", "message_size": 125, "month": "Mar", "monthday": "6", "shipper": { "node": { "name": "laaslg003prvjay.lin.pr.addd.zone" } }, "sort": [ 1741276130938, 15639 ], "time": "16:48:50", "type": "syslog", "year": "2025" }
so i need to somehow take the value from host (“10.234.2.205:GCNNET01B”) to Grafana slack notification
any help ?