All Apps and Add-ons

Is it possible to alter the actual message sent to Telegram?

rmens
Engager

Is it possible to alter the actual message sent to Telegram?
I just want to send a simple message like "event x has occurred" instead of the whole boilerplate containing the severity, link, etc.

Tags (1)

jacauc
Explorer

I'd also like this functionality without having to edit the bin file... Any update on this to allow users to customize their messages?

0 Karma

ragedsparrow
SplunkTrust
SplunkTrust

Hey @rmens,

Currently, the alert message is hard coded into the python script, so you would need to modify the python script to change the alert message:

You will want to change this specific line only in telegram.py inside the bin folder:

 message = "<b>****SPLUNK ALERT MESSAGE***</b>\n<b>Splunk Search</b>: {0} \n<b>SEVERITY</b>: {1} \n<b>MESSAGE</b>: {2} \n<b>Results Link</b>: {3}".format(splunkSearch, severity, message, resultsLink)

To This:

 message = "{0}".format(message)

That should only send the alert message. I have not tested this, but it should work.

I will work on making the alert more versatile as well for things like this and will hopefully have something to release in the next week or so.

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...