Alerting

Add/Update email in alert

AlokPanday
Loves-to-Learn Lots

I have created a search which is working fine. It sends an email when the alert condition is met.

My question is, is there any way I can add/update the email address in my alert using a curl command?

Also, can I update my alert search query using a curl command?

Thanks,

Regards,

 

 

0 Karma

Gr0und_Z3r0
Contributor

You can create a search and send email to any email address you want using the sendemail function.
This can only be done by using Splunk's REST API.
You can create custom REST endpoints if needed in Splunk to cater to certain functions.

Also explore Splunk's Java and Python SDKs.

Sharing some resources to explore and refer to:

https://dev.splunk.com/enterprise/docs/devtools/customrestendpoints/
https://docs.splunk.com/Documentation/Splunk/8.2.3/RESTREF/RESTlist 
https://docs.splunk.com/Documentation/SplunkCloud/latest/SearchReference/Sendemail 
https://docs.splunk.com/Documentation/Splunk/8.2.3/RESTTUT/RESTsearches 
https://dev.splunk.com/enterprise/docs/devtools/java/sdk-java/ 

0 Karma

isoutamo
SplunkTrust

Hi

That works like @Gr0und_Z3r0 said. Out of curiosity, what is the problem you are trying to solve? Just wondering whether there is any other way to solve it.

r. Ismo

0 Karma

AlokPanday
Loves-to-Learn Lots

Hi

Thanks, @Gr0und_Z3r0, for the reply.

@isoutamo I have created an alert in Splunk and I want to create a user interface from where I can update the alert, like:

--data-urlencode 'description=Test4 alert' \
--data-urlencode 'alert.severity=4' \
--data-urlencode 'dispatch.earliest_time=-20m' \
--data-urlencode 'dispatch.latest_time=now' \
--data-urlencode 'cron_schedule=*/5 * * * *'
 
The user will be able to update the fields from the interface.
 
Thank you..

 

 

0 Karma
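
An added example, not part of the thread and not Splunk's own code: a wrapper such an interface could call to update the alert's recipients and the fields listed above through the `saved/searches` REST endpoint, accepting only allow-listed fields with validated values. The host, the `nobody`/`search` namespace, the alert name `Test4`, the addresses and the helper names are assumptions.

```sh
#!/bin/sh
# Added example, not from the thread. Assumed: placeholder host, owner "nobody",
# app "search", and the set of fields the interface is allowed to change.
SPLUNK_URL="${SPLUNK_URL:-https://splunk.example.com:8089}"
EMAIL='[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}'
NL='
'
matches() { printf '%s' "$1" | grep -Eq "$2"; }   # ERE match on a one-line value
show_args() { printf '%s\n' "$@"; }               # dry run: list the arguments
CURL="${CURL:-show_args}"                         # set CURL=curl to really send

# validate_field KEY VALUE: the case arms are the allow-list. "search" has no
# arm, so the interface can retune an alert but cannot rewrite its query.
validate_field() {
  case "$2" in *"$NL"*) return 1 ;; esac          # grep is line-based
  case "$1" in
    alert.severity)  matches "$2" '^[1-6]$' ;;
    action.email.to) matches "$2" "^$EMAIL(,$EMAIL)*\$" ;;
    cron_schedule)   matches "$2" '^[0-9*/,-]+( [0-9*/,-]+){4}$' ;;
    dispatch.earliest_time|dispatch.latest_time)
                     matches "$2" '^(now|[-+][0-9]+[a-z]+(@[a-z0-9]+)?)$' ;;
    description)     [ "${#2}" -le 256 ] ;;
    *)               return 1 ;;
  esac
}

# update_alert NAME key=value...: validate every field, then call $CURL once.
# A single rejected field aborts the whole update.
update_alert() {
  name=$1; shift
  case "$name" in *"$NL"*) return 1 ;; esac
  matches "$name" '^[A-Za-z0-9][A-Za-z0-9_.-]*$' || { echo "rejected alert name" >&2; return 1; }
  for pair in "$@"; do
    case "$pair" in *=*) ;; *) echo "not key=value: $pair" >&2; return 1 ;; esac
    validate_field "${pair%%=*}" "${pair#*=}" || { echo "rejected: ${pair%%=*}" >&2; return 1; }
    set -- "$@" --data-urlencode "$pair"; shift   # rotate: raw pair out, curl args in
  done
  # The token goes to curl on stdin (--config -), not on the command line.
  printf 'header = "Authorization: Bearer %s"\n' "${SPLUNK_TOKEN:-}" |
    "$CURL" --config - --fail -sS \
      "$SPLUNK_URL/servicesNS/nobody/search/saved/searches/$name" "$@"
}

# Constructed sample: the fields from the post plus a recipient list.
update_alert Test4 'description=Test4 alert' 'alert.severity=4' \
  'dispatch.earliest_time=-20m' 'dispatch.latest_time=now' \
  'cron_schedule=*/5 * * * *' 'action.email.to=soc@example.com,oncall@example.com'
```

Run as written it only lists the arguments curl would receive; with `CURL=curl` and `SPLUNK_TOKEN` set to a token scoped to editing that one app's saved searches, it sends the update.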