Log Management
Alerting
Destinations
Lark

Lark

Notify collaboration hubs on Lark with signed webhook requests. Configure lark with your bot webhook and verification settings. Add lark under alert: on your rule (you can combine destinations).

Details for each key are in Options; Full working example ties the destination into a full ElastAlert 2 rule.

Options

Keys below match the ElastAlert 2 alerter. Shared rule fields such as alert_subject apply as described in Subject & body. Example fragments from the ElastAlert 2 reference appear indented under the option they illustrate (add your own name, type, index, and filter to make a full rule).

Required

  • lark_bot_id — Lark bot id.

Example usage

 alert:
   - "lark"
 lark_bot_id: "your lark bot id"
 lark_msgtype: "text"

Optional

  • lark_msgtype — Lark msgtype, currently only text supported.

Full working example

name: Example alert for Lark
type: any
index: "*-*"
filter:
  - query:
      query_string:
        query: "level:error OR log.level:error"
alert:
  - "lark"
lark_bot_id: "REPLACE"
JiraLINE