- Splunk Answers
- :
- Using Splunk
- :
- Alerting
- :
- How to configure custom alert for run python scrip...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
How to configure custom alert for run python script
Hi,
I have some problem with run python script in custom alert. I have the next file
alert_actions.conf
[DigitalTwingKeepwareCRC]
is_custom = 1
label = "Monitoreo de molino de Rio Claro"
description = "Ejecuta acciones sobre el molino de Rio Claro"
payload_format = json
param.result_count = $job.resultCount$
param.search_query = $job.search$
param.results = results_link
alert.execute.cmd = python
alert.execute.cmd.arg.0 = $SPLUNK_HOME$/etc/apps/DTw_CRC/bin/iotgateway/test.py
alert.execute.cmd.arg.1 = --execute
but in the _internal index I get the next event
ERROR sendmodalert - action=DigitalTwingKeepwareCRC - Failed to find alert.execute.cmd "python".
Please, help me
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
In alert.execute.cmd you need to provide *.path file.
- Create
$SPLUNK_HOME$/etc/apps/DTw_CRC/linux_x86_64/bin/directory. Create
python.pathfile with below config and provide execute permission withchmod 750 python.path"$SPLUNK_HOME/bin/splunk" cmd python
Use below config in alert_actions.conf
[DigitalTwingKeepwareCRC]
is_custom = 1
label = "Monitoreo de molino de Rio Claro"
description = "Ejecuta acciones sobre el molino de Rio Claro"
payload_format = json
param.result_count = $job.resultCount$
param.search_query = $job.search$
param.results = results_link
alert.execute.cmd = python.path
alert.execute.cmd.arg.0 = $SPLUNK_HOME$/etc/apps/DTw_CRC/bin/iotgateway/test.py
alert.execute.cmd.arg.1 = --execute
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
I created $SPLUNK_HOME$/etc/apps/DTw_CRC/linux_x86_64/bin/ directory.
In the last location, I created python.path file, and in this file write "$SPLUNK_HOME/bin/splunk" cmd python
I edited alert_actions.conf
But I get the next error:
04-01-2019 13:05:01.910 0000 ERROR sendmodalert - action=DigitalTwingKeepwareCRC - Failed to find alert.execute.cmd "python.path".
What's my error?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I have tested above config in my lab and failed but below config is working fine.
Please change $SPLUNK_HOME$/etc/apps/DTw_CRC/linux_x86_64/bin/python.path with below config
$SPLUNK_HOME/bin/python
Add below config in $SPLUNK_HOME$/etc/apps/DTw_CRC/metadata/default.meta
[alert_actions/DigitalTwingKeepwareCRC]
access = read : [ * ], write : [ admin ]
export = system
owner = nobody
Updated Team Landing Page in Splunk Observability
New! Splunk Observability Search Enhancements for Splunk APM Services/Traces and ...
Webinar Recap | Revolutionizing IT Operations: The Transformative Power of AI and ML ...
