Alerting

Webhook alert action: Why am I unable to specify a header, and if I run the alert once per result, will it have different results on each post?

Path Finder

A.
I suppose I can put the authorization token in the URL as param, but I expected to be able to specify a header.
I suppose this is not really an issue, still asking - why?

B.
The json in the webhook splunkbase document http://docs.splunk.com/Documentation/Splunk/6.3.0/Alert/Webhooks contains one result, first.

If I run the alert once per result - will it have different results on each post?
If not, then how to pass the full result set to the Servlet?

0 Karma
1 Solution

Path Finder

No headers: That's by definition. The built-in webhook.py is for simple, no-header no-auth, interactions.
As to 'once-per-result" - yes, The single result attached to the webhook is each actual result out of the result set.

View solution in original post

0 Karma

Path Finder

No headers: That's by definition. The built-in webhook.py is for simple, no-header no-auth, interactions.
As to 'once-per-result" - yes, The single result attached to the webhook is each actual result out of the result set.

View solution in original post

0 Karma
State of Splunk Careers

Access the Splunk Careers Report to see real data that shows how Splunk mastery increases your value and job satisfaction.

Find out what your skills are worth!