I've spent a couple of weeks trying to get Webhook running on our Splunk Enterprise server (v.6.5.2). I've done what I can to find an answer to this error:
11-27-2018 20:45:06.296 +0100 INFO sendmodalert - action=webhook STDERR - Sending POST request to url=http://10.10.102.35:8080/generic-webhook-trigger/invoke?token=siste_sukk with size=2465 bytes payload 11-27-2018 20:45:06.296 +0100 ERROR sendmodalert - action=webhook STDERR - Error sending webhook request: HTTP Error 502: internal error - server connection terminated
11-27-2018 20:45:06.797 +0100 INFO sendmodalert - action=webhook - Alert action script completed in duration=61611 ms with exit code=2
11-27-2018 20:45:06.797 +0100 WARN sendmodalert - action=webhook - Alert action script returned error code=2
- I have set up a Webhook receiver on a Jenkins servers.
- The Webhook URL runs fine, and is accessible from the Splunk server, at least when ran in a browser. I do get the JSON response as expected.
- There is no network firewall blocking the traffic.
Do you have any idea what I've missed? Is there any setup that is required on the Splunk Enterprise server in order to get it running? Any thoughts on what to troubleshoot?