I need your help please.
I am trying to run the same script from an alert.
My script is in : /apps/myapp/bin/scripts/myscript.sh
I changed the permissions (everyone can read, write and execute the script) and the owner is splunk.
My log file is in /apps/myapp/bin/scripts/logfile.log (everyone can read, write and execute the log file) and the owner is splunk.
Nothing happens, my file (log_file.log) is not modified, and II don't know where can I check the erros or problems due to the execution of the script from the alert.
First question : Where can we check the logs of the execution of the alert (if the script is running or if there is a problem)?
Second question: Is there something I should do enable running a script from an alert ? Can someone explain the steps we need to do to make the alert run the script ?
Additionally Run a Script alert action is officially deprecated. It has been replaced with custom alert actions as a more scalable and robust framework for integrating custom actions. See About custom alert actions for implementation and migration information.