Send alerts to Slack by using Kibana Sentinl

Fri, Aug 25, 2017 One-minute read

In this article we show how to set up a watcher and configure it to send alerts to our Slack groups with a webhook.

First of all, we need Kibana with Sentinl. If you don't know how to set this up, you can check our post here.

First, we need to create a watcher.

Then we add the input. Our input searches our index for documents where the container name is jboss-wildfly. Its type is kube-logs, because in this example I'm using the Kubernetes platform and Kibana Sentinl manages the Kubernetes logs.

{
  "search": {
    "request": {
      "index": [
        "filebeat-*"
      ],
      "types": [
        "kube-logs"
      ],
      "body": {
        "query": {
          "match": {
            "container_name": {
              "query": "jboss-wildfly",
              "type": "phrase"
            }
          }
        }
      }
    }
  }
}

Here are the alarms created by the watcher on the Sentinl panel.

And they are sent to our Slack channel.
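
Log lines matched by the watcher input end up in a Slack channel, and their content is whatever the application logged, so it should be escaped and truncated before posting. The following is an added example, not code from the original post or from Sentinl: it builds the JSON body for a Slack incoming webhook from a search response of the shape the input above returns. The function names, the `message` field and the sample response are assumptions made for illustration.

```python
import json

# Slack treats &, < and > as control characters (links, mentions such as
# <!channel>), so text taken from logs is escaped before it is posted.
def slack_escape(text):
    return text.replace("&", "&amp;").replace("<", "&lt;").replace(">", "&gt;")

def build_slack_payload(response, max_lines=3, max_len=200):
    """Turn an Elasticsearch search response into an incoming-webhook body."""
    hits = response.get("hits", {})
    total = hits.get("total", 0)
    if isinstance(total, dict):  # newer Elasticsearch returns {"value": n}
        total = total.get("value", 0)
    lines = []
    for hit in hits.get("hits", [])[:max_lines]:
        src = hit.get("_source", {})
        name = slack_escape(str(src.get("container_name", "?")))
        # "message" is the assumed log-line field; truncate, then escape
        msg = slack_escape(str(src.get("message", ""))[:max_len])
        lines.append("%s: %s" % (name, msg))
    text = "Watcher matched %d log line(s)" % total
    if lines:
        text += "\n" + "\n".join(lines)
    return {"text": text}

# Constructed sample response, not output from a real cluster.
SAMPLE_RESPONSE = {
    "hits": {
        "total": 2,
        "hits": [
            {"_source": {"container_name": "jboss-wildfly",
                         "message": "ERROR login failed for <!channel> & more"}},
            {"_source": {"container_name": "jboss-wildfly",
                         "message": "WARN deployment restarted"}},
        ],
    }
}

if __name__ == "__main__":
    print(json.dumps(build_slack_payload(SAMPLE_RESPONSE), indent=2))
```

The returned dictionary is what gets serialized and sent in the POST to the webhook URL; that URL grants posting rights to the channel and should be stored like any other secret.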