Alerting
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Why is Microsoft Teams Card not displaying the alert body?

andrei_yay
New Member
‎04-04-2022 05:45 AM

Hi,

I'm trying to setup some alerts using the Microsoft Teams Card add-on. 

So I installed the add-on, created a Teams channel and defined an alert which should be sent via a webhook whenever it is triggered. The problem I noticed is that the alerts are sent when the conditions are met but I can see only the title and the subtitle of the alert, not also the actual message/body which should be a custom text containing a log line.

This si how i defined the alert :

andrei_yay_0-1649075587938.png

andrei_yay_1-1649075688085.png

This is how i receive the alerts in Teams :

andrei_yay_2-1649075749812.png

 

I can't figure out what i'm doing wrong. I mention i'm very new to Splunk.

Maybe the strcat function I use at the end of the query does not generate the apropriate output for the Teams add-on  ?

If i run the alert query in the "Search & Reporting" app i get good results: 


andrei_yay_3-1649076141034.png

 

 

 

Labels (2)
Labels
0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Lantern | Spotlight on Security: Adoption Motions, War Stories, and More

Splunk Lantern is a customer success center that provides advice from Splunk experts on valuable data ...

Splunk Cloud | Empowering Splunk Administrators with Admin Config Service (ACS)

Greetings, Splunk Cloud Admins and Splunk enthusiasts! The Admin Configuration Service (ACS) team is excited ...

Tech Talk | One Log to Rule Them All

One log to rule them all: how you can centralize your troubleshooting with Splunk logs We know how important ...