All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Can SCOM 2012 Notification Channels be built to inject subscription alerts into Splunk?

rhendle
Observer
‎03-16-2017 08:34 AM

New to Splunk and recently set up a test environment.....

Is it possible to use a SCOM command line channel using a script (not email) to inject alerts into an event management tool (not Splunk)?

  • Our current script uses variables to populate the alert info into the event management tool.
  • We have tons of custom subscriptions in SCOM that target a management pack classes but use a common the channel to inject into the event management tool.
  • I'm looking to migrate to Splunk and was wondering if anyone has built a channel to inject alerts into Splunk in a similar way or understand how you may be routing alerts by management pack class vs. build custom alert rules in Splunk.

Interested in hearing how others might be using SCOM Channels/Subscriptions into Splunk!!
Thank you!

0 Karma
Reply

rhendle
Observer
‎06-21-2018 07:06 AM

FYI - Resolved this issue by using powershell to inject event into HEC (HTTP Event Collector)

0 Karma
Reply

rhendle
Observer
‎10-16-2017 11:31 AM

FYI - I ended up figuring this out. Not sure if there is any interest but happy to document an example if there is anyone else trying to figure it out!

0 Karma
Reply
Get Updates on the Splunk Community!

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...

Introducing the 2024 Splunk MVPs!

We are excited to announce the 2024 cohort of the Splunk MVP program. Splunk MVPs are passionate members of ...

Splunk Custom Visualizations App End of Life

The Splunk Custom Visualizations apps End of Life for SimpleXML will reach end of support on Dec 21, 2024, ...