Hi, all.
I am a newbie at using Open Distro for Elasticsearch, and I'm stuck on making an alert.
I want to send an alert via the webhook method, and the request goes through successfully, but the request payload is different from the one in the preview.
The query result is below:
```json
{
  "_shards": {
    "total": 1,
    "failed": 0,
    "successful": 1,
    "skipped": 0
  },
  "hits": {
    "hits": [],
    "total": {
      "value": 20,
      "relation": "eq"
    },
    "max_score": null
  },
  "took": 3,
  "timed_out": false,
  "aggregations": {
    "hashed": {
      "doc_count_error_upper_bound": 0,
      "sum_other_doc_count": 0,
      "buckets": [
        {
          "doc_count": 26,
          "key": "eJyl08tuAiEUBuB9n4KlXQjOQKslvaQ2k2"
        }
      ]
    }
  }
}
```
(The `key` inside `buckets` is much, much longer, but I shortened it for readability.)
As in the sample, there is an aggregation result in my query result, and I want to send it in application/json style, so I made it like below:
```
{
{{ #ctx.results }}{{ #aggregations.hashed.buckets }}
"{{&key}}": {{doc_count}},
{{ /aggregations.hashed.buckets }}{{ /ctx.results }}
"end": 0 <- being used like EOF, End of Payload ..
}
```
And the preview in Kibana:
```json
{
  "eJyl08tuAiEUBuB9n4KlXQjOQKslvaQ2k2": 20,
  "end": 0
}
```
But the actual request is:
```
{
  "": ,
  "end": 0
}
```
This behavior can be observed both in real alerting and when sending a test message.
Please guide me if I’m doing something wrong. Thank you in advance!
P.S. This is how I have defined the Destination.