Alerting

Remove HTTP Port in Alert Email Link

fredclown
Contributor

We have a load balancer sitting in front of our search head cluster that is reverse proxying the connection to the search heads over https port 443. The search head web interfaces are running on port 8000. The issue is when our search heads send out alert emails they append 8000 to the load balancer url which doesn't work because the load balancer is listening on 443. Is there a way to tell the search heads to leave off the port or specify a different port explicitly in the alert emails?

Labels (2)
0 Karma
1 Solution

fredclown
Contributor

Oh, I think I just found the answer. Looks like in the alert_actions.conf file there is the hostname property that if you explicitly put https:// in front of the url then you can avoid having it tack on the web port when it sends emails.

https://docs.splunk.com/Documentation/Splunk/latest/Admin/Alertactionsconf

View solution in original post

0 Karma

fredclown
Contributor

Oh, I think I just found the answer. Looks like in the alert_actions.conf file there is the hostname property that if you explicitly put https:// in front of the url then you can avoid having it tack on the web port when it sends emails.

https://docs.splunk.com/Documentation/Splunk/latest/Admin/Alertactionsconf

0 Karma
Get Updates on the Splunk Community!

Stay Connected: Your Guide to July and August Tech Talks, Office Hours, and Webinars!

Dive into our sizzling summer lineup for July and August Community Office Hours and Tech Talks. Scroll down to ...

Edge Processor Scaling, Energy & Manufacturing Use Cases, and More New Articles on ...

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

Get More Out of Your Security Practice With a SIEM

Get More Out of Your Security Practice With a SIEMWednesday, July 31, 2024  |  11AM PT / 2PM ETREGISTER ...