Why is Microsoft Teams Card not displaying the ale...

Alerting

Hi,

I'm trying to setup some alerts using the Microsoft Teams Card add-on.

So I installed the add-on, created a Teams channel and defined an alert which should be sent via a webhook whenever it is triggered. The problem I noticed is that the alerts are sent when the conditions are met but I can see only the title and the subtitle of the alert, not also the actual message/body which should be a custom text containing a log line.

This si how i defined the alert :

This is how i receive the alerts in Teams :

I can't figure out what i'm doing wrong. I mention i'm very new to Splunk.

Maybe the strcat function I use at the end of the query does not generate the apropriate output for the Teams add-on ?

If i run the alert query in the "Search & Reporting" app i get good results:

Get Updates on the Splunk Community!

May 2026 Splunk Expert Sessions: Security & Observability

Level Up Your Operations: May 2026 Splunk Expert Sessions Whether you are refining your security posture or ...

Network to App: Observability Unlocked [May & June Series]

In today’s digital landscape, your environment is no longer confined to the data center. It spans complex ...

SPL2 Deep Dives, AppDynamics Integrations, SAML Made Simple and Much More on Splunk ...

Splunk Lantern is Splunk’s customer success center that provides practical guidance from Splunk experts on key ...