https://community.splunk.com/t5/Alerting/How-to-configure-Alert-actions-to-syslog-server/m-p/653693#M15252 <P>Hi&nbsp;<a href="https://community.splunk.com/t5/user/viewprofilepage/user-id/259468">@kn-nowit</a>,</P><P>No I used again this app even if isn't certified.</P><P>Ciao.</P><P>Giuseppe</P> Wed, 09 Aug 2023 07:36:13 GMT gcusello 2023-08-09T07:36:13Z https://community.splunk.com/t5/Alerting/How-to-configure-Alert-actions-to-syslog-server/m-p/611592#M14209 <P>Hi all,</P> <P>I am using Splunk Enterprise 8.1.</P> <P>Recently, we had configured&nbsp;alert actions as "Email notification action" and it works fine. Moreover, we would like to send those alert message to SYSLOG server.</P> <P>The manual said "script alert action is deprecated". Any other way to&nbsp;achieve it?</P> <P>Thanks.</P> Wed, 09 Aug 2023 16:10:08 GMT https://community.splunk.com/t5/Alerting/How-to-configure-Alert-actions-to-syslog-server/m-p/611592#M14209 alexshek 2023-08-09T16:10:08Z https://community.splunk.com/t5/Alerting/How-to-configure-Alert-actions-to-syslog-server/m-p/611593#M14210 <P>Hi&nbsp;<a href="https://community.splunk.com/t5/user/viewprofilepage/user-id/249084">@alexshek</a>,</P><P>some time ago (on version 8.1), I used the Syslog Modular Alert App (<A href="https://splunkbase.splunk.com/app/4199/)" target="_blank">https://splunkbase.splunk.com/app/4199/)</A>&nbsp;but it isn't certified on version 9.x, you could try if it runs.</P><P>Ciao.</P><P>Giuseppe</P> Thu, 01 Sep 2022 10:47:21 GMT https://community.splunk.com/t5/Alerting/How-to-configure-Alert-actions-to-syslog-server/m-p/611593#M14210 gcusello 2022-09-01T10:47:21Z https://community.splunk.com/t5/Alerting/How-to-configure-Alert-actions-to-syslog-server/m-p/653558#M15249 <P>Did you find a nice solution in the meantime?</P> Tue, 08 Aug 2023 10:44:59 GMT https://community.splunk.com/t5/Alerting/How-to-configure-Alert-actions-to-syslog-server/m-p/653558#M15249 kn-nowit 2023-08-08T10:44:59Z https://community.splunk.com/t5/Alerting/How-to-configure-Alert-actions-to-syslog-server/m-p/653693#M15252 <P>Hi&nbsp;<a href="https://community.splunk.com/t5/user/viewprofilepage/user-id/259468">@kn-nowit</a>,</P><P>No I used again this app even if isn't certified.</P><P>Ciao.</P><P>Giuseppe</P> Wed, 09 Aug 2023 07:36:13 GMT https://community.splunk.com/t5/Alerting/How-to-configure-Alert-actions-to-syslog-server/m-p/653693#M15252 gcusello 2023-08-09T07:36:13Z https://community.splunk.com/t5/Alerting/How-to-configure-Alert-actions-to-syslog-server/m-p/653967#M15264 <P>Thanks for your info!</P><P>We didn't get it to work in our platform which runs in version 9.0.5</P><P>But we've found another app with the same features which works for us!<BR />Syslog alert action Add-On&nbsp;<A href="https://splunkbase.splunk.com/app/6177" target="_blank">https://splunkbase.splunk.com/app/6177</A></P><P>It's really easy to use in Alerts or as Adaptive Response Action in Splunk ES.<BR />Create your customized syslog-message using <FONT face="courier new,courier">eval syslogmessage = ..</FONT> in the Search query and mention the syslogmessage field als message param in the app config.</P><P><span class="lia-inline-image-display-wrapper lia-image-align-left" image-alt="searchquery.PNG" style="width: 400px;"><img src="https://community.splunk.com/t5/image/serverpage/image-id/26751iC908D48E0998E2F3/image-size/medium?v=v2&amp;px=400" role="button" title="searchquery.PNG" alt="searchquery.PNG" /></span></P><P>&nbsp;</P><P>&nbsp;</P><P><span class="lia-inline-image-display-wrapper lia-image-align-left" image-alt="action.PNG" style="width: 400px;"><img src="https://community.splunk.com/t5/image/serverpage/image-id/26750iFF58C98517D89419/image-size/medium?v=v2&amp;px=400" role="button" title="action.PNG" alt="action.PNG" /></span></P> Thu, 10 Aug 2023 15:50:20 GMT https://community.splunk.com/t5/Alerting/How-to-configure-Alert-actions-to-syslog-server/m-p/653967#M15264 kn-nowit 2023-08-10T15:50:20Z