====== How to push an alert into Trisul dispatcher from bash ======

On Ubuntu, the Trisul dispatcher reads from /var/log/syslog and matches every line against a regex. It then formats the matching alerts and pushes them to

  - Email
  - Microsoft Teams via WebHooks

If you push a message in the following format into syslog, it will make it into the automatic email alert delivery system.

''"Alert:probe0:context0:0,0,0,0,0,0,IPDRDOWN,TEst ipdr stopped flushing" ''

  logger -s -t trisul_flushd "Alert:probe0:context0:0,0,0,0,0,0,IPDRDOWN,TEst ipdr stopped flushing"

The fields are

  * Alert:probe0:context0: -- source of the alert
  * Timestamp tv_sec
  * Timestamp tv_usec
  * Source IP
  * Port
  * Dest IP
  * Port
  * SigID -- short name for alert
  * Message
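
A wrapper that builds the line in the field order listed above and hands it to ''logger'', as an added example (not Trisul's own code). The function names, the fixed ''probe0:context0'' source and the validation rules are assumptions; since the dispatcher matches every syslog line, the wrapper rejects commas and control characters so a caller-supplied value cannot shift the comma-separated fields or start a second line.

```bash
#!/usr/bin/env bash
# Added example: build and push a Trisul dispatcher alert line.
# Function names and validation rules are assumptions, not Trisul's own code.

# Usage: format_trisul_alert SIGID MESSAGE [TV_SEC TV_USEC SRC_IP SRC_PORT DST_IP DST_PORT]
# Prints the alert line, or exits non-zero on a bad field.
# The body is a subshell ( ... ), so variables stay local and exit only leaves the function.
format_trisul_alert() (
    sigid=$1
    message=$2
    tv_sec=${3:-0} tv_usec=${4:-0}
    sip=${5:-0} sport=${6:-0} dip=${7:-0} dport=${8:-0}
    src="probe0:context0"          # source as shown on the page

    # SigID is a short name: letters, digits, underscore and dash only (assumed rule).
    case $sigid in
        ''|*[!A-Za-z0-9_-]*) echo "bad SigID: $sigid" >&2; exit 1 ;;
    esac

    # The page only shows 0 for these fields; allowing digits, hex, '.' and ':'
    # is an assumption. A comma here would shift every later field.
    for f in "$tv_sec" "$tv_usec" "$sip" "$sport" "$dip" "$dport"; do
        case $f in
            ''|*[!0-9A-Fa-f.:]*) echo "bad field: $f" >&2; exit 1 ;;
        esac
    done

    # Message is the last field. Replace control characters (newlines included)
    # with spaces so free text cannot become a second syslog line.
    message=$(printf '%s' "$message" | tr '[:cntrl:]' ' ')

    printf 'Alert:%s:%s,%s,%s,%s,%s,%s,%s,%s\n' \
        "$src" "$tv_sec" "$tv_usec" "$sip" "$sport" "$dip" "$dport" "$sigid" "$message"
)

# Usage: push_trisul_alert SIGID MESSAGE [...]
# Same logger invocation as on the page, with the validated line.
push_trisul_alert() (
    line=$(format_trisul_alert "$@") || exit 1
    logger -s -t trisul_flushd "$line"
)

# Example call (commented out so sourcing this file sends nothing):
# push_trisul_alert IPDRDOWN "TEst ipdr stopped flushing"
```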