Alerting
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Alert Action "Run a script" depreciated - Looking for similar option

kamal_jagga
Contributor
‎03-23-2018 12:28 PM

Objective: Send the search result url to a central location whenever an alert is triggered.

Current Sol: Trigger alert action script whenever no of events>0

Current Shell Script :
read sessionKey
echo "'$SPLUNK_ARG_0' '$4' '$6' '$sessionKey'" >> \
"/opt/splunk/output.txt"

I know Splunk has given "Convert a script alert action to a custom alert action" option.

But its not that clear and I don't want to modify each search query to add the sendresults option.

Link: http://docs.splunk.com/Documentation/Splunk/7.0.2/AdvancedDev/CustomAlertConvertScripted

kindly advise.

0 Karma
Reply
Get Updates on the Splunk Community!

There's No Place Like Chrome and the Splunk Platform

Watch On DemandMalware. Risky Extensions. Data Exfiltration. End-users are increasingly reliant on browsers to ...

The Great Resilience Quest: 5th Leaderboard Update

The fifth leaderboard update for The Great Resilience Quest is out >> 🏆 Check out the ...

Devesh Logendran, Splunk, and the Singapore Cyber Conquest

At this year’s Splunk University, I had the privilege of chatting with Devesh Logendran, one of the winners in ...