Custom alert script in alert manager app

lexxx · ‎03-28-2021

Good day!
A question of this nature: I have a Splunk cluster. The alert manager application is installed. There is a script for sending messages to the messenger. Is it possible through the application mechanisms to send an alert via a script when creating an incident? I searched through all the documentation of the application, and did not find how to do it...

impurush · ‎03-30-2021

If I understand the question correctly, you need to trigger the alert through your scripts. If this is the case, then you can add the alert action as "Run a Script" and give your script name in the field name. Then you need place the script in any of the location $SPLUNK_HOME/bin/scripts or $SPLUNK_HOME/etc/<app>/bin/scripts.

lexxx · ‎03-30-2021

Not really. I need to make a script alert when an incident is generated in the alert manager application (https://splunkbase.splunk.com/app/2665/) . This is due to the fact that the application has a maintenance mode. This increases the convenience and informativeness of alerts.

Custom alert script in alert manager app

administration

configuration

Can’t make it to .conf25? Join us online!

Community Content Calendar, September edition

Splunkbase Unveils New App Listing Management Public Preview

Leveraging Automated Threat Analysis Across the Splunk Ecosystem

Are you a member of the Splunk Community?

Custom alert script in alert manager app

administration

configuration

Can’t make it to .conf25? Join us online!

Community Content Calendar, September edition

Splunkbase Unveils New App Listing Management Public Preview

Leveraging Automated Threat Analysis Across the Splunk Ecosystem