Alerting
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to customize Alert Manager incident email alert results_link and view_link URL (host:port)?

JykkeDaMan
Path Finder
‎06-26-2019 07:16 AM

How do I get the Alert Manager incident emails links host:port part customised?

alert_manager/bin/lib/IncidentContext.py seems to be using REST endpoint to get the server_info:

uri = '/services/server/info?output_mode=json'
...
context.update({ "results_link" : protocol + "://"+server_info["host_fqdn"] + ":"+ http_port +"/app/" + incident["app"] + "/@go?sid=" + incident["job_id"] })

context.update({ "view_link" : protocol + "://"+server_info["host_fqdn"] + ":" + http_port + "/app/" + incident["app"] + "/alert?s=" + urllib.quote("/servicesNS/nobody/"+incident["app"]+"/saved/searches/" + incident["alert"] ) })

I have a setup, where the host_fqdn is different than the SH public webui access URL.
I have already customized the generic server settings for Alert emails, which has a correct URL, so I could use it like this:

uri = '/services/configs/conf-alert_actions/email?output_mode=json'
...
context.update({ "results_link" : alert_email_settings["hostname"] +"/app/..."
Reply
Get Updates on the Splunk Community!

Webinar Recap | Revolutionizing IT Operations: The Transformative Power of AI and ML ...

The Transformative Power of AI and ML in Enhancing Observability   In the realm of IT operations, the ...

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

ICYMI - Check out the latest releases of Splunk Edge Processor

Splunk is pleased to announce the latest enhancements to Splunk Edge Processor.  HEC Receiver authorization ...