Re: Scripts for Alert Actions

nawazns5038 · ‎01-25-2018

Hi,

Can I please get an example of a script to make use of the alerts results.
I have read the documentation that the "$SPLUNK_ARG_8" has the location that holds the results in a zip file .
I want to know how can I access the zip file or open it and use the results by a python or a shell script.

yannK · ‎01-25-2018

Example with scripted alert
https://docs.splunk.com/Documentation/SplunkCloud/latest/Alert/Configuringscriptedalerts
The idea behind the argument to the result zip file, is to use verify the presence of the file, then unzip, read the results (sometimes in csv). then trigger actions. As the scripts runs as the splunk user, it should be able to access the file.
Also splunk ships with python so you can use this language.

Otherwise nowadays, the supported method is to use custom alert actions

http://docs.splunk.com/Documentation/SplunkCloud/latest/Alert/CreateCustomAlerts

nawazns5038 · ‎01-26-2018

Yes I could see the link,
Could you please paste some example scripts that are in use or that can be used.

nawazns5038 · ‎01-25-2018

Can we use python scripts other than shell scripts for alert actions ?

Scripts for Alert Actions

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas

Data Management Digest – May 2026

Join the Conversation